Writeups

[ES] Writeup de la maquina UNIT

Resolucion: Se trata de una maquina basada en una vulnerabilidad de RFI a RCE PHP mediante los metodos PUT y MOVE de HTTP Iniciamos con un ping sweep para descubrir la maquina. sudo nmap -sn 192.168.56.0/24 [sudo] password for kali: Starting Nmap 7.95 ( https://nmap.org ) at 2025-01-28 19:33 CET Nmap scan report for 192.168.56.1 Host is up (0.00028s latency). MAC Address: 0A:00:27:00:00:00 (Unknown) Nmap scan report for 192.168.56.10 Host is up (0.00031s latency). MAC Address: 08:00:27:A4:04:70 (PCS Systemtechnik/Oracle VirtualBox virtual NIC) Nmap scan report for 192.168.56.102 Host is up (0.00079s latency). MAC Address: 08:00:27:7B:8B:9E (PCS Systemtechnik/Oracle VirtualBox virtual NIC) Nmap scan report for 192.168.56.104 Host is up (0.00079s latency). MAC Address: 08:00:27:6B:C7:57 (PCS Systemtechnik/Oracle VirtualBox virtual NIC) Nmap scan report for 192.168.56.100 Host is up. Nmap done: 256 IP addresses (5 hosts up) scanned in 2.08 seconds Realizamos un ping por visibilidad: ...

January 29, 2025 · XoanOuteiro