Hi I'm working on the notebook your box, and wanted to sanity check whether my approach to priv escalating to root is correct. I'm using this exploit: https://github.com/Frichetten/CVE-2019-5736-PoC, I changed the payload multiple times e.g. /bin/bash or rev shell bash etc. However when I use it, it successfully run but I get no shell back or commands actually executed, instead just the no /bin/sh error (when running it with /bin/sh to trigger the exploit. Ty in advance
I'm starting to think I'm in over my head but I'm still working on this one.
I found the jwt secret and can make a jwt to use but I am not seeing how to use it. The source doesn't create it until after a successful login. I don't know if this is the right direction....if it is I am stuck.
Skills Assessment - Web Fuzzing.
Stuck in the last question of the assessment.
Try fuzzing the parameters you identified for working values. One of them should return a flag. What is the content of the flag?
I have user and username parameters but can't find out the values to work with. Need help please.
Bro in final assignment of file inclusion . I got the source code(appends php at the end, ".. "not possible.
i tried to get /var/log/nginx/access.log using php wrapper but no luck. Can you help to complete this challenge
hello could you help me with toxic challenge?
I know that the flag is in some format like /flag_AAAAA but i don't know how to get it.
I tried like some ../../../flag_sometext but the website always answers200
Hello i'm working on htb love machine and I found file scanner which allow read some local file but i can't figure out which file i need to read? can you pls give a nudge
can you please help me with the question...Submit the contents of the flag.txt file located in the /exercise directory.
howdy!!!, i saw your comment that you told you get an error saying "/bin/bash: 1#.nmap: ambiguous redirect
" for scriptkiddie box, and i found out the solution
you just gotta make sure you add a HRI after before the ";/bin/bash" and leave a space between ; and bash.
And also at the last leave a space between the hash(#) and the single quote ('),
I don't know how to reply in public, tried but can't figure out a way to reply inside the thread itself, hope it would be helpful if you still haven't got the flag