April 9, 2022 at 11:09 PM let's open discussion about this new hard machine just found these ports are open PORT STATE SERVICE 80/tcp open http 8080/tcp open http-proxy 8082/tcp open blackice-alerts April 9, 2022 at 11:18 PM PORT STATE SERVICE VERSION 80/tcp open http? 3000/tcp open ppp? 8080/tcp open http Tornado httpd 5.0 8081/tcp open http Tornado httpd 5.0 8082/tcp open http Tornado httpd 5.0 http://talkative.htb [200 OK] Apache[2.4.52], Country[RESERVED][ZZ], Email[[email protected]], Frame, HTML5, HTTPServer[Debian Linux][Apache/2.4.52 (Debian)], MetaGenerator[Bolt], PHP[7.4.28,], Script, Title[Talkative.htb | Talkative], UncommonHeaders[permissions-policy,link], X-Powered-By[PHP/7.4.28, Bolt], X-UA-Compatible[ie=edge] [email protected] [email protected] [email protected] 8080 - Jamovi RCE XSS? https://github.com/theart42/cves/blob/master/CVE-2021-28079/CVE-2021-28079.md 3000 - Rocket Chat - User Registration - tried blind but nothing https://github.com/CsEnox/CVE-2021-22911 April 10, 2022 at 2:52 AM on the jamovi use r plugin ,run rce system cmd April 10, 2022 at 9:06 PM I'm still working on it : ) April 11, 2022 at 3:02 AM So we can xss on jamovi but can't trigger js script, any hint? April 11, 2022 at 10:47 AM April 11, 2022 at 10:49 AM Allways use ro ck y list of words with jhohn? April 11, 2022 at 11:11 AM Hi everybody. PLS share root's hash April 12, 2022 at 8:58 AM (April 11, 2022, 03:44 PM)Internetdreams Wrote: easy rce on rjeditor -> try(system("bash -c 'id'", intern = TRUE)) sadly, i cannot run the rce on rjeditor...some help please.. April 12, 2022 at 9:32 AM (April 11, 2022, 03:44 PM)Internetdreams Wrote: easy rce on rjeditor -> try(system("bash -c 'id'", intern = TRUE)) how to unzip .omv file in machine? or how to transfer that file to my machine? |
