newbi3 Posted April 7, 2014
http://runnable.com/UhC31SICZHEKAAOF/submit-a-form-in-asp-net Scroll to the bottom... I am sending an e-mail...

digininja Posted April 7, 2014
So?

newbi3 Posted April 7, 2014 (edited)
It's root and it's a full Ubuntu box. I haven't looked around, but I am sure you can see other machines on the network and install other packages on that system.

digininja Posted April 7, 2014
Ye, it is quite open but doesn't seem to allow remote ssh connections. Interesting idea.

cooper Posted April 7, 2014
It's a Dockworker node - look at the process list. I doubt you have access to any networking capability of the actual host, though I must admit these guys are VERY trusting of their software to expose something like this.

newbi3 Posted April 7, 2014
Yeah, I noticed they had a keylogger on there, but you can kill the process and clear the logs.

cooper Posted April 7, 2014
Or it can make it appear like you can...

newbi3 Posted April 7, 2014 (edited)
Indeed. I'm sure that it's sending the logs to a master log file somewhere. I don't want to look around though, not feeling like going to jail today. Also, even though it doesn't allow ssh, it does have python installed on it, so if you wanted a remote shell you could create a reverse shell with python.

cooper Posted April 7, 2014
You already have your remote shell. You're in it. I very much doubt you'll be able to start something that will listen on a port, so regardless of the language support present (I mean, there's mono on there as well if you're feeling adventurous) you'd be hard-pressed to leave an active process on there for long. The only option I see is to vandalise the place, meaning to load the box and thus DOS the remaining session, but that equates to being a dick and I've long since stopped aiming that low.

digininja Posted April 8, 2014
Adding ssh keys to the authorised keys file didn't allow ssh access. I think they know what they are doing, at least to some degree. The box does have external internet access, as I could hit a site to get its external IP address.

cooper Posted April 9, 2014
That's actually a problem then, as you could use them as an intermediary in your DDOS attack.

digininja Posted April 9, 2014
I'd hope they'd have thought about that and have a good rate limiter on it.