by

Playing Around With PentestIt.Ru Testlab v.10 – Part 2

Lets continue the last article since i was busy with my real life.

From the last article i successfully get into the server from SSH service. Now lets enumerate the network inside the server based on this network diagram.

First, lets check if Nmap already installed on the server:

Great!! lets mapping the network.

Nmap results :

I remembered that store.gds.lab gives us 403 when doing SQL injection. Lets try exploit it again by tunneling from inside the network.

 

Lets verify the SQL injection manually.
Lets verify this vulnerability.

 

Now, let SQLmap do the rest.

Lets dump the last table (token).

Store’s token captured!

Please Donate To Bitcoin Address: [[address]]

Donation of [[value]] BTC Received. Thank You.
[[error]]

Leave a Reply

Your email address will not be published. Required fields are marked *