Well hello guys,
I successfully uploaded a shell (Antichat script) to my university's website. Website however required login to upload and I provided credentials of my classmate to login and all was ok. I accessed shell but now what? I was just not expecting it to be that vulnerable so I was not prepared or did any research. I browsed some files and sensitive files gave me permission denied error. I went off after some time because I was using my REAL IP!. Today the script is deleted, but I can probably upload it again I think with Tor but I think they will again know what my IP is because steps will be similar. Now I want to know how they knew my script's presence? Anyway to stay hidden and how to get access to files which give me error. And last question that I am at any risk because I was on real IP? What could be consequences for just browsing their server files? (Will stay careful next time pals)
Thank you!
2 Responses
Yes you're at risk! What you did is actually a Black Hat action (from what I understood of your situation and I don't approve that) and since you were using your real IP they can potentially retrace you (find your ISP and then your personal information).
However Universities are privileged targets and they records thousands of hacking attempts every week. If you're lucky they won't investigate further and just patch the vuln.
What you risk depends on your country legislation. But in mine (France) what you did worth 2 year in prison and a 30 000 euros fine.
Ah damn alright, still all good lol. By the way could you guide me how to escalate privileges so that I don't get access denied error?
Share Your Thoughts