Algernon
PG Practice Algernon writeup
Nmap
Port 80 redirects to the default IIS page.
Port 9998 directs us to the following login page for SmarterMail.
Researching exploits for SmarterMail on Google we come across an interesting exploit:
Looking at the description for this is exploit we have the following:
Looking at the nmap
results from earlier we do have .NET remoting running on port 17001. As such this exploit should be applicable to the target machine.
I downloaded the exploit and edited the following portion to match my IP and to use the local port of 21.
I then set up a netcat
listener for port 21.
Then executed the exploit and received a reverse shell as SYSTEM.
Last updated