OSCP Notes

cgi priv esc

The CGI scripts are Perl scripts, so if you have compromised a server that can execute .cgi scripts, you can upload a Perl reverse shell (/usr/share/webshells/perl/perl-reverse-shell.pl), change the extension from .pl to .cgi, give it execute permissions (chmod +x), and access the reverse shell from the web browser to execute it. To test for CGI vulnerabilities, it's recommended to use nikto -C all (and all the plugins).
Source: https://book.hacktricks.xyz/pentesting/pentesting-web/cgi
Upload the Perl reverse shell to the victim and run it, e.g. by using an LFI vulnerability that executes with root privileges.
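The steps above leave a recognisable trace on disk: an executable .cgi or .pl file under the web root that contains networking or shell-spawning code. The following is an added example, not part of the original notes, that audits a web root for that trace; the marker regex, the /var/www default and the baseline-timestamp idea are assumptions of this sketch.

```python
import os
import re
import stat
import sys

# Heuristic markers (assumed for this example): Perl networking and
# shell-spawning constructs that an ordinary CGI form handler rarely needs.
SUSPICIOUS = re.compile(
    rb"use\s+(IO::)?Socket|\bsocket\s*\(|exec\s*\(?\s*[\"']/bin/(ba)?sh")
CGI_EXT = (".cgi", ".pl")


def audit_cgi(web_root, newer_than=0.0):
    """Return sorted (path, reasons) findings for executable CGI/Perl files.

    newer_than is an epoch timestamp, e.g. the last known-good deployment;
    0 disables the modification-time check.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(web_root):
        dir_mode = os.stat(dirpath).st_mode
        for name in files:
            if not name.lower().endswith(CGI_EXT):
                continue
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue
            if not st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
                continue  # no execute bit: the chmod +x step has not happened
            reasons = []
            with open(path, "rb") as fh:
                head = fh.read(65536)  # first 64 KiB is enough for a script
            if SUSPICIOUS.search(head):
                reasons.append("network/shell code")
            if st.st_mtime > newer_than > 0:
                reasons.append("modified after baseline")
            if dir_mode & stat.S_IWOTH:
                reasons.append("world-writable directory")
            if reasons:
                findings.append((path, reasons))
    return sorted(findings)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "/var/www"
    for path, reasons in audit_cgi(root):
        print(path, "->", ", ".join(reasons))
```

A hit is a lead to triage against the deployment manifest, not proof of compromise: legitimate CGI scripts can use sockets too.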
Last modified 11mo ago