Re: How to get a reverse Shell / VNC from a writable directory on a remote web server.

From: Maarten Hartsuijker (subscriptions@hartsuijker.com)
Date: Sat Aug 06 2005 - 06:09:11 EDT

• Next message: Bobby: "Sexual Dynamo! Víagra Onlíne!"
• Previous message: security curmudgeon: "Re: Siebel Vulnerabilities"
• In reply to: AsTriXs: "How to get a reverse Shell / VNC from a writable directory on a remote web server."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

HI Astrixs,

This kind of depends. Are you able to upload scripts to this directory? Are
the directories in the executable paths of of the webserver? If you are able
to upload PhP/AsP to the directory, and the engine is willing to execute
from these directories, you could simply upload the required binaries, write
a small asp/php page that runs your binary, and request the page from your
webbrowser....

Maarten

----- Original Message -----
From: "AsTriXs" <astrixs@gmail.com>
To: <pen-test@securityfocus.com>
Sent: Friday, August 05, 2005 1:02 PM
Subject: How to get a reverse Shell / VNC from a writable directory on a
remote web server.

Hi,

I have found a few writable directories on a remote web server on
which I am doing a Pen-Test.
How do I setup a reversell of a VNC from this stage?
What tools can I use?
Does Metasploit provide an option?
What would be the procedure to achieve the same?

Thanks,

-- 
[AsTriXs]
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------
------------------------------------------------------------------------------
FREE WHITE PAPER - Wireless LAN Security: What Hackers Know That You Don't
Learn the hacker's secrets that compromise wireless LANs. Secure your
WLAN by understanding these threats, available hacking tools and proven
countermeasures. Defend your WLAN against man-in-the-Middle attacks and
session hijacking, denial-of-service, rogue access points, identity
thefts and MAC spoofing. Request your complimentary white paper at:
http://www.securityfocus.com/sponsor/AirDefense_pen-test_050801
-------------------------------------------------------------------------------

• Next message: Bobby: "Sexual Dynamo! Víagra Onlíne!"
• Previous message: security curmudgeon: "Re: Siebel Vulnerabilities"
• In reply to: AsTriXs: "How to get a reverse Shell / VNC from a writable directory on a remote web server."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:42 EDT