TryHackMe Ignite Official Walkthrough

had a hard time trying to upload a php reverse shell via admin portal but it finally worked. Just could not find a way to escalate. Thank you

coyotatorolla

If python 2 is not working for you just issue this command:
2to3-2.7 -w 47138.py
Then it will work with python 3.
And remove the proxy lines.

qwqqq

hi great walkthrough. Might I ask out of all the reverse shell commands what made you decide to use that specific command?

Naps_and_Sleep

There is username and password for fuelcms in source code of the webpage
You can upload a php and gain shell
And by the way nice tutorial

udaybingi

Thank you very much!! Very good wt.!!! Had some problem with the exploit, , but could fix it!

sharky

i ran into a problem during the reverse shell... <h4>A PHP Error was encountered</h4>

BlkManMountaineer

File "fuelcms.py", line 28, in <module>
htmlcharset = r.text.find(html)
AttributeError: 'function' object has no attribute 'text

Sir ... I have so many facing above mention ... what should I do ??

freedomlib

I had issues getting the exploit to work with python 2 I had to convert it to python3. (Just put parentheses on the print)

agentrange

At this moment, the exploit might have some changes, I tryed for almost 2 hours in order to run the exploit, at the end and after check online resources, there are many needs for the exploit to be working if using pythion3. At the begginning import requests
from urllib.parse import quote
line 24 will be
and remember to add () to the print attributes.

demegorash