Recent Activity

benja, nikben, VaCh21, Vendetta62966, Sinf0rlife and 15 others joined.

Welcome Aboard!

June 19, 2018
pwnforfun, bafman, luckyster895, synack555, xsmile and 28 others joined.

Welcome Aboard!

June 18, 2018
neusec changed their profile picture.

June 19, 2018
fawazorg → Seraf

any hint ?

June 19, 2018
izzie → Parttimesecguy
Not even in yet. Can you guide pls? I'm up to
```
$ ssh -i hype.key [email protected]
Enter passphrase for key 'hype.key': heartbleedbelievethehype
[email protected]'s password: <NO IDEA WHAT THIS IS OR HOW TO GET IT>`
```
Tried a dozen. heartbleed,dirtyheart,sweetheart,valentine,believethehype,omg,thisisnothacking,

From there I guess you are using some sort of dirtyc0w exploit to get root? Some of the posts I've just read allude to another non-invasive, maybe easier method. what is with all the other keys and that useless MD5?
June 19, 2018
poe changed their profile picture.

June 19, 2018
BobBobbington → L0s3r

Hi buddy, for valentine how did you priv esc? tips please

June 19, 2018
fawazorg changed their profile picture.

June 19, 2018
izzie → H4wk

Doing this one now and stuck too. I think the user is valentine as in the user's username.

June 19, 2018
joeldejo → Neverthy

can you give me the hydra command for lernean bruteforce challenge , im stuck !!

June 19, 2018
alexmo changed their profile picture.

June 19, 2018
manaratz changed their profile picture.

June 19, 2018
L0s3r → drtychai

Hi brow, i logged in ssh with user roosa on machine Dev0ops, can you help me to get a root?

June 19, 2018
McBlocked changed their profile picture.

June 19, 2018
DevOS changed their profile picture.

June 18, 2018
fawazorg → senorbueno

i am stuck in DevOps

authcredentials.key is useful ??

June 18, 2018
C3PJoe changed their profile picture.

June 18, 2018
izzie → xtech

Okay I see. Sorry. Thanks for your help, I owe you.

June 18, 2018
w4tchd0g → midi

Hey, i am having the same issue as Concr3ta. Can you help. Would be great. Thanks

June 18, 2018
C3PJoe → Griff

I saw you offering to help with the Inferno challenge on the forums. I have decoded the BASE64 and ran it through a PHP decoder. I am not sure if I have the right output. Am I going the right way?

June 18, 2018
bluefox1025 changed their profile picture.

June 18, 2018
bulbafett

Don't write on my wall asking for hints...

June 18, 2018
exil3, goodguyandy, slubzz, MarcosSGomes, pr0gmtc and 26 others joined.

Welcome Aboard!

June 17, 2018
slubzz changed their profile picture.

June 18, 2018
fix → ymann

hello how did you manage to get user with creds? (login)

June 18, 2018
3xploited changed their profile picture.

June 18, 2018
3xploited changed their profile picture.

June 18, 2018
3xploited changed their profile picture.

June 18, 2018
melka changed their profile picture.

June 17, 2018
clmtn → imaginarybit
Hi there.

Are you able to provide a hint as to how you were able to get a fully interactive shell on Nibbles?

I've got the user flag and know what I need to do to elevate to root, but just having difficulty editing the .sh file to include a reverse shell command while non-fully interactive tty.

Below is the output once I catch the shell:

USER TTY FROM [email protected] IDLE JCPU PCPU WHAT
uid=1001(nibbler) gid=1001(nibbler) groups=1001(nibbler)
/bin/sh: 0: can't access tty; job control turned off

$ /bin/bash -i
bash: cannot set terminal process group (1323): Inappropriate ioctl for device
bash: no job control in this shell
[email protected]:/$ python -c 'import pty; pty.spawn("/bin/bash")'
python -c 'import pty; pty.spawn("/bin/bash")'
The program 'python' can be found in the following packages:
- python-minimal
- python3
  Ask your administrator to install one of them
I think my syntax might be a bit off? Any thoughts? Thanks.
June 17, 2018

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register