Metasploit mailing list archives
Pentesting through FW, advice needed
From: giorgio.casali at gmail.com (Giorgio Casali)
Date: Tue, 29 Jul 2008 17:32:55 +0200
I can compile files on my host and move them to the victim, but I can't use port 80 or 443 since they're already taken by apache. My account is apache and is without password, so I can't even change it, to use it to fire up a reverse ssh shell. I finally decided to upload msf and run it non interactively (-s option), but win2000 machines were patched.... :P I was wondering if there were other solutions, since it often happens to shovel an unprivileged php shell with apache privileges and no password set. Thanks for your replies, G.C.
Current thread:
- Pentesting through FW, advice needed Giorgio Casali (Jul 29)
- Pentesting through FW, advice needed Ron (Jul 29)
- Pentesting through FW, advice needed natron (Jul 29)
- Message not available
- Pentesting through FW, advice needed Giorgio Casali (Jul 29)
- Pentesting through FW, advice needed natron (Jul 29)
- Pentesting through FW, advice needed Ron (Jul 29)