Metasploitable 3 Ubuntu Walkthrough: Part VI

Exploiting Port 631 – CUPS

The Metasploitable 3 VM is running the Common UNIX Printing System (CUPS) with the web-based interface enabled:

CUPS web interface

A remote attacker can exploit CUPS to execute arbitrary commands via crafted fields during the creation or modification of a printer. The 'PRINTER_INFO' and 'PRINTER_LOCATION' fields can be configured to contain arbitrary commands which will be executed when a print job is submitted, provided the remote host is running a vulnerable version of Bash.

Searching in MSF you will find one exploit for this service:

CUPS exploit in MSF

Let’s use it:

Exploiting CUPS using Metasploit

The exploit fails due to a configuration error in the Metasploitable 3 VM. You can read about the details here:

https://github.com/rapid7/metasploitable3/issues/459

For this exploit to work, one possible solution is to add the vagrant user (or any other user) to the lpadmin group by running the below command as root on the Metasploitable VM:

Fixing Metasploitable 3

Now the lpadmin group is no longer empty and the vagrant user has the permission to add a printer to the system.

Exploiting CUPS using Metasploit

Unfortunately, the exploit still fails…

Exploiting Port 3500 – Ruby on Rails

Ruby on Rails, or Rails, is a server-side web application framework written in Ruby. Rails is a model-view-controller framework, providing default structures for a database, a web service, and web pages. The service has an entry page but we can’t get anything useful from it:

Rails entry page

Therefore, it might be a good idea to fuzz the landing page in order to find additional pages that might hold some more information.

Enumerating Rails using Web Fuzzer

The Web Fuzzer (WFuzz) is a tool created to facilitate web application assessments. It is based on a simple concept: it replaces any reference to the FUZZ keyword with the value of a given payload.

Enumerating Rails using Web Fuzzer

This leads to the discovery of the readme page.

Enumerating Rails using Metasploit

Not as flexible as WFuzz, but Metasploit can also get the job done as long as you provide it the right dictionary file:

Enumerating Rails using Metasploit

Time to see what the readme page has to offer:

The Rails readme page

Clicking on the logos takes you to OS-specific pages with the os parameter set in the URL:

  • http://172.16.3.3:3500/readme?os=windows
  • http://172.16.3.3:3500/readme?os=linux

The Linux page on Rails

It appears to be a dead end, but it is always worth digging a little deeper.

Directory Traversal

Try to do some directory traversal with the “os” parameter, looking for the passwd file (containing the word root):

Directory traversal using DotDotPwn

Directory traversal using DotDotPwn

The results are a little messy but some of them are useful:

The passwd file
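
From the defender's side, the traversal above works because the `os` value reaches a file lookup unchecked. The following is an added example, not code from this post or from Metasploitable 3: it puts the weak pattern beside an allowlist, a containment check, and a log-side detection helper. `README_ROOT`, the file names and all function names are assumptions.

```ruby
require "uri"

# Constructed layout: directory the readme templates are assumed to live in.
README_ROOT = "/srv/app/views/readme"
# Only the two values the page's own links use.
ALLOWED_OS = { "windows" => "windows.html", "linux" => "linux.html" }.freeze

# Weak pattern: the request parameter is joined into a filesystem path as-is,
# so "../" segments in the parameter decide which file is read.
def naive_readme_path(os_param)
  File.expand_path(File.join(README_ROOT, os_param.to_s))
end

# Hardened pattern 1: map the parameter through an allowlist, so the client
# value never becomes part of the path. Returns nil for anything unexpected.
def allowlisted_readme_path(os_param)
  name = ALLOWED_OS[os_param.to_s.downcase]
  name && File.join(README_ROOT, name)
end

# Hardened pattern 2 (defence in depth): canonicalise the path, then require
# the result to stay under README_ROOT.
def contained?(path)
  File.expand_path(path).start_with?(README_ROOT + File::SEPARATOR)
end

# Detection helper for access logs: URL-decode the os value repeatedly (to
# catch double encoding), then flag dot-dot segments or absolute paths.
def suspicious_os_value?(raw)
  value = raw.to_s
  3.times { value = URI.decode_www_form_component(value) }
  value.match?(%r{(\A|[/\\])\.\.([/\\]|\z)}) || value.start_with?("/")
rescue ArgumentError
  true # malformed percent-encoding is itself worth flagging
end
```

A request whose `os` value fails the allowlist should get a 404 and a log entry rather than a fallback lookup.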

Exploiting Rails using Metasploit

A bit of research will reveal the existence of a vulnerability in the version of the service and the availability of the appropriate MSF module. Time to put the readme page and the os parameter to good use…

Exploiting Rails using Metasploit

Notice the chewbacca user is a member of the docker group… this is interesting and might be helpful in the future.
