Carrier

12123252627

Comments

  • Rooted. Amazing machine @snowscan . Thank you for the nudge @peek

  • Hey, I have the shell on the system and see the diagram and the conf files... but I am very confused on how this network works and what all the traffic is. Could somebody help me get a better understanding of what I am looking at from a high level so that I can figure out what to do next? I am very new to networking.

    wiseguy

  • I managed to login using serial number but now i stuck what to do next :(

  • Type your comment> @izzul said:
    > I managed to login using serial number but now i stuck what to do next :(

    Check out what pages you have available and figure out how they might work
  • Hi i got user.txt already but im having trouble getting a reverse shell. I tried using p***** and n* but i can't seem to catch a shell

  • Got user on the box, got an interactive shell, but having trouble with root. I'm guessing I need to change the b** protocol, but I'm a bit unsure about where to go with this. I'm thinking the t****** page is a hint at how to reconfigure things?

  • edited February 2019

    Hi after reading a few page on the forum I can not figure out my nmap scan..... 161 is close and I try sever types of scanning so what's going wrong? Any hint should be appreciated thanks

    Founded lol waiting 20 min for a scan

  • Type your comment> @skyghost666 said:

    Hi after reading a few page on the forum I can not figure out my nmap scan..... 161 is close and I try sever types of scanning so what's going wrong? Any hint should be appreciated thanks

    Founded lol waiting 20 min for a scan

    masscan is good to find all open port. quickly 2 ~3 mins .then you just need nmap scan port service .

  • I'm trap with s...w... IN enumeration I found SN#N......but I don't find the way to exploit that any hint should be appreciated thank you

  • Enumerated ports, services, site, etc. Read docs. Got SN*. Still unable to login. Site seems to hang after inputting credentials :/

  • Can any point me in the right direction? I have an interactive shell and have modified the b** config. I havent been able to capture the traffic locally and havent been able to forward the traffic to my box.

  • edited February 2019

  • edited February 2019

    I think I almost have rotting this figured out. Could someone give me a hand? I am b** h******** and seeing an f** 3-way handshake, but no data.

    EDIT: Nevermind- rooted. Be wary of poor network conditions.

  • Nevermind- rooted. Be wary of poor network conditions.

  • Hey all, I've been able to log into the web page with the correct credentials, and I am working with burp suite for the RCE. I've found Check=******* that people have mentioned but I am unsure of where to go from here. Any help would be appreciated. Feel free to DM. Still trying to get that user.txt.

  • edited February 2019

    anyone up to help me out with b** h******** portion? I'd like to get some feedback on my approach. I have owned system already just not sure how or why

    Kronos

  • Gotaccess to web app, cant seem to figure out changing the parameter to execute rce. Do you need to modify both the Name and value or simply the value of Ch***? Feel free to DM me

  • For root, I was pretty close for many hours and pulling my hair out and was missing one step after configuring b**. My hint is below, hopefully its vague enough not to be considered a spoiler.

    Remember when doing b** h********, you have to actually be able to provide the services you're advertising.

  • edited February 2019

    hints for PrivEsca

  • @0xMohamed I'm right there and I see data for that service. I dont see a password or any files being transferred. I'm trying to capture it in pcap. I dont know why I can only see partial data for that service.

  • Rooted! After 2 days of struggle... This got to be my favorite box, learned so much! If someone need help just PM me.

  • Holy cow! Took me 2 days too. Thanks to @snox for the tip. Pay attention to @0xMohamed's advice.

  • The root part has been kicking my ass for a day and a half. Makes me painfully conscious about the need to seriously brush up on my networking skils.

    Changed stuff in b.cf according to that f** port in the T*****s page, tried catching the result with n, tried with tc****p ... but nothing is showing up yet.
    I know I'm really close, but I must miss a detail either in that file, or in the way I'm listening to stuff.

    Any hints in PM ? Would love to check my B** h*******g logic, as I feel it might be too simple or missing something.

  • edited February 2019

    thought I was finished but it's time to try harder

  • Finally rooted. Thanks to @siryarbles :)

  • edited February 2019

    Just had a conversation with someone on port 21. That was fun ¯_(ツ)_/¯

  • edited February 2019

    So crowded, it's just a pain to root it :scream:
    Resets / network mess... man, the hardest part is not to root it but find the right hour to work on it XD

  • edited February 2019

    Really stuck on this i understand the attack needed to be done. When I make changes, host a service for a connection nothing happens. Not sure what I'm doing incorrect. Finding this box really hard...

    Edit: not to worry i got it! Hint if you know the attack and you know what service is needed you need to ask yourself what is the VIP calling to and how can i get him to come to me if that makes much sense haha

  • I have the root password but cant do much after logging into the service. Can someone lend a hand?

  • edited February 2019

    Deleted comment.

Sign In to comment.