What does curl do in triggering a reverse shell in Oopsie

@sumin said:

i am trying to get a reverse shell using pentestmoneky php,but i am unable to upload the php file the oopsie website says connection got reset etc,i could upload other files though

Ok - I am not trying to be an asshole here but “connection reset” is very different from “no response.”

The error messages provided by an application are really the only way to understand what is happening.

So to dig into this:

  • How are you uploading the shell?
  • How are you trying to access the shell?
  • Are you getting connection reset on the upload or on the access attempt?
  • What other error messages are you getting (the “etc” bit)?

Type your comment> @TazWake said:

@sumin said:

i am trying to get a reverse shell using pentestmoneky php,but i am unable to upload the php file the oopsie website says connection got reset etc,i could upload other files though

Ok - I am not trying to be an asshole here but “connection reset” is very different from “no response.”

The error messages provided by an application are really the only way to understand what is happening.

So to dig into this:

  • How are you uploading the shell?
  • How are you trying to access the shell?
  • Are you getting connection reset on the upload or on the access attempt?
  • What other error messages are you getting (the “etc” bit)?

@TazWake said:
@sumin said:

i am trying to get a reverse shell using pentestmoneky php,but i am unable to upload the php file the oopsie website says connection got reset etc,i could upload other files though

Ok - I am not trying to be an asshole here but “connection reset” is very different from “no response.”

The error messages provided by an application are really the only way to understand what is happening.

So to dig into this:

  • How are you uploading the shell?
  • How are you trying to access the shell?
  • Are you getting connection reset on the upload or on the access attempt?
  • What other error messages are you getting (the “etc” bit)?

@TazWake said:
@sumin said:

i am trying to get a reverse shell using pentestmoneky php,but i am unable to upload the php file the oopsie website says connection got reset etc,i could upload other files though

Ok - I am not trying to be an asshole here but “connection reset” is very different from “no response.”

The error messages provided by an application are really the only way to understand what is happening.

So to dig into this:

  • How are you uploading the shell?
  • How are you trying to access the shell?
  • Are you getting connection reset on the upload or on the access attempt?
  • What other error messages are you getting (the “etc” bit)?

i am playing the oopsie machine starting point,it has got an upload files option on the web page,
i use the pentest monkey reverse php script,i am going to use netcat to listen and connect to the machine
i am getting connection reset on upload
when i am connected to burpsuit proxy i get server no response error when i upload .php file

@sumin said:

i am playing the oopsie machine starting point,it has got an upload files option on the web page,

i use the pentest monkey reverse php script,i am going to use netcat to listen and connect to the machine
i am getting connection reset on upload

when i am connected to burpsuit proxy i get server no response error when i upload .php file

OK - are you capturing the request and modifying the user value?

yes i am

Type your comment> @sumin said:

yes i am

@TazWake said:
@sumin said:

i am playing the oopsie machine starting point,it has got an upload files option on the web page,

i use the pentest monkey reverse php script,i am going to use netcat to listen and connect to the machine
i am getting connection reset on upload

when i am connected to burpsuit proxy i get server no response error when i upload .php file

OK - are you capturing the request and modifying the user value?

i solved the upload issue,i used a very shortscript than pentestmonkey script,it uploaded successfully and i got a reverse shell

i found out another user s password by catting the db.php,but how to switch between users , when i use su -robert it says the command should be done by terminal

is there another way to switch between users, the host machine is ubuntu

@sumin said:

i solved the upload issue,i used a very shortscript than pentestmonkey script,it uploaded successfully and i got a reverse shell

i found out another user s password by catting the db.php,but how to switch between users , when i use su -robert it says the command should be done by terminal

is there another way to switch between users, the host machine is ubuntu

It might be easier to convert your shell into a terminal (google “shell upgrades”). This can be a bit hit and miss though.

Alternatively you could try su robert and see if not specifying a login terminal works you you can try ssh as that user. A shell upgrade might be needed for this lab though.