mirror of
http://git.nowherejezfoltodf4jiyl6r56jnzintap5vyjlia7fkirfsnfizflqd.onion/nihilist/hacking-blogposts.git
synced 2025-05-17 04:46:57 +00:00
fix for obsidian graphs plugin
This commit is contained in:
parent
ec6691f732
commit
519fd1c612
2 changed files with 2 additions and 2 deletions
|
|
@ -780,7 +780,7 @@ then we modify the value of the **PYTHONPATH** environment variable to access ou
|
|||
waldo@admirer:~$ sudo PYTHONPATH=/tmp/nihilist777 /opt/scripts/admin_tasks.sh
|
||||
[sudo] password for waldo:
|
||||
|
||||
[[[ System Administration Menu ]]]
|
||||
[ [ [ System Administration Menu ] ] ]
|
||||
1) View system uptime
|
||||
2) View logged in users
|
||||
3) View crontab
|
||||
|
|
|
|||
|
|
@ -292,7 +292,7 @@ So let's take a look at his home directory:
|
|||
sh -c "nmap --top-ports 10 -oN recon/${ip}.nmap ${ip} 2>&1 >/dev/null" &
|
||||
done
|
||||
|
||||
if [[ $(wc -l <****$log) -gt 0 ]]; then echo -n > $log; fi
|
||||
if [ [ $(wc -l <****$log) -gt 0 ] ]; then echo -n > $log; fi
|
||||
|
||||
Here we see that there is a bashscript that takes a logfile from **/home/kid/logs/hackers** it, gets ip addresses from it and runs nmap against each of them. However the input isn't being sanitized, so let's use it to get a reverse shell:
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue