Recent Activity

Activity List

  • n1ghty, fab1107, wail99, k41n, exp and 11 others joined.
    Welcome Aboard!
    4:27AM
  • positivevibes

    heya I'm stuck with the root flag, mind giving me a nudge? I know openssl is the entrypoint but I'm confused with the capabilities...

    1:52PM
  • X44 changed their profile picture.
    Thumbnail
    1:50PM
  • positivevibes

    heya I'm stuck with the root flag, mind giving me a nudge? I know openssl is the entrypoint but I'm confused with the capabilities...

    1:46PM
  • positivevibes

    heya I'm stuck with the root flag, mind giving me a nudge? I know openssl is the entrypoint but I'm confused with the capabilities...

    1:36PM
  • thepioneer
    Hi,
    how can i get the SourceCode of upload.php? I can get over LFI the source of dashboard.php and Login.php but not the source for Upload.php?! Upload.php lies on another subdomain.
    Thanks ThePioneer
    12:10PM
  • jvlavl

    hi any hint to admin please

    11:10AM
  • thepioneer

    Hi,
    you wrote we can contact you so i will do it ;-)
    i enumerate a lot of subdomains and smb shares. at hte friendzone.htb subdomains are 2 wich i can use over https. the other subdomains on friendzoneportal are all dead. at the haha dashboard site i can watch sourcecode of dashboard.php and login.php over LFI and now i am at the end of my knowledge :-(
    can you give me a hint please where i should go on.
    thanks and greeting
    ThePioneer

    soryy i hope you can understand my bad englisch

    10:39AM
  • ddosmg changed their profile picture.
    Thumbnail
    10:10AM
  • jvlavl

    Hi Can you give me a hint for Admin

    10:06AM
  • bing0o changed their profile picture.
    Thumbnail
    9:45AM
  • ekowso, foonpyk, many93, 3rr0r, MFYG64IK and 28 others joined.
    Welcome Aboard!
    February 20
  • foonpyk changed their profile picture.
    Thumbnail
    1:01AM
  • AzAxIaL changed their profile picture.
    Thumbnail
    12:55AM
  • ray65

    Hey, I've been banging my head forever on this Friendzone root. Think it has something to do with reporter.py and/or exim4, but I must be missing something obvious. Can I get a nudge in the right direction?

    February 20
  • weirdatfirst

    hey any tips on initial foothold for queier? I have the creds. I can get on using impacts tool. Doesn't look like I have permissions to do much. I have been weeding through databases. no luck

    February 20
  • benlarsendk changed their profile picture.
    Thumbnail
    February 20
  • ray65

    Hey, can I get a hint on how you got privesc on Friendzone? Been at it for a while, also don't get the "information-rich" hint. Gone down a bunch of rabbit holes with reporter.py and exim4.

    February 20
  • takeiteasy changed their profile picture.
    Thumbnail
    February 20
  • fl337

    any help with RCE on webpage... I am following the video tutorial and nothing is working...

    https://blog.ripstech.com/2018/moodle-remote-code-execution/

    I am injecting this command 0=(system('ls')) but not getting anything back...

    February 20
  • takeiteasy changed their profile picture.
    Thumbnail
    February 20
  • monel

    also got default credentials for "CW1000-X Lyghtspeed Management Platform" ----> admin:admin

    but not able to login. It keeps saying username or password incorrect.

    What to do??

    February 20
  • Hitch changed their profile picture.
    Thumbnail
    February 20
  • Hitch changed their profile picture.
    Thumbnail
    February 20
  • monel

    Hey, can you help me with the carrier machine.

    I am not able to identify the default login credential for lyghtspeed. Even though i Know it is Cisco AS100.
    Got UDP 161 port but while enumerating, I am getting this:-

    SNMPv2-SMI::mib-2.47.1.1.1.1.11 = STRING: "SN#NET_45JDX23"
    End of MIB dont know what to do further.

    got some directories while dirbusting it but it will work once i logged in.

    February 20
  • turkkani changed their profile picture.
    Thumbnail
    February 20
  • monel

    Hey, can you help me with the carrier machine.

    I am not able to identify the default login credential for lyghtspeed. Even though i Know it is Cisco AS100.
    Got UDP 161 port but while enumerating, I am getting this:-

    SNMPv2-SMI::mib-2.47.1.1.1.1.11 = STRING: "SN#NET_45JDX23"
    End of MIB

    dont know what to do further.
    got some directories while dirbusting it but it will work once i logged in.

    February 20
  • sillydaddy

    Hi friend
    I am stuck with 2 uncles ..Could you please help ?

    February 20
  • odb3000

    Hi! I have see your great work.
    Hey do you have any tips why I'm unable to mget or get the Access Control.zip
    I have logged in as anonymous and pulled the Backup.mdb
    i placed it into a text file and I cant understand the what I'm missing to find the password.
    I am new to the hacking world. Any tips would be helpful. Thank you

    February 20
  • fl337

    Hey man! I am trying to get initial access to teacher. I can't figure out how to get RCE with moodle! I have found this blog

    https://blog.ripstech.com/2018/moodle-remote-code-execution/#substitute_variables

    post that seems interesting but nothing is working... how did you go about doing this?

    February 20

Howdy, Stranger!

Click here to create an account.