So I was doing hackthebox.eu and realize there the target used a vulnerable web application, the exploit was developed and can be downloaded from exploitdb, but it was not updated in msfconsole when I do a
search openadmin I could only see an outdated exploit that was disclosed on the 2017.
The ruby script that exploits the OpenNetAdmin 18.1.1 could be found in my kali linux
/usr/share/exploitdb but it was not loaded in
So it turned out that I need to create an auxiliary directory in
~/.msf4/modules, then copy the ruby script from
root@kali:~# ls -lah ~/.msf4/modules/auxiliary/php/webapps/47772.rb
-rwxr-xr-x 1 root root 3.0K Apr 2 18:54 /root/.msf4/modules/auxiliary/php/webapps/47772.rb
So when you use it in msfconsole you need to do
use auxiliary/php/webapps/47772, this script has preloaded the payload option but if your kali linux is x64 use the x64 meterpreter payload. Meterpreter makes your reverse shell easier and it is more silent because it is a stager meaning the entire payload is sent chunks by chunks.
Oh yeah in the BackTrack Linux days you can do
msfupdate but not on the kali linux, so you need to update the exploit script yourself.
To update the exploitdb codes into kali use
searchsploit -u, the
searchsploit also searches if the exploit is available in your