If you had a webshell but a firewall was stopping all reverse shells, what would you look for? – Digitalmunition




Home Forums If you had a webshell but a firewall was stopping all reverse shells, what would you look for?

This topic contains 1 reply, has 2 voices, and was last updated by  Tompazi 1 month, 1 week ago.

  • Author
    Posts
  • #279620

    anonymous
    Participant

    There was an SNMP manager web application on a box I was attacking the other day. That application had a page to ping routers, which was vulnerable to command injection. However, something was preventing reverse shells from working. I could upload files, but couldn’t get any callback. What are some other things I could look for, if I come across this problem again? I tried looking around for passwords, but I ended up not finding anything.

  • #279621

    Tompazi

    Stay in the webshell. You can easily turn a web shell into a pseudo-interactive shell. And even a fully interactive shell if the server has screen or tmux installed (or you can upload those programs).

  • #279622

    maxanderson

    Just move protocol – have the shell call back over ICMP or DNS

You must be logged in to reply to this topic.