Vault

2456713

Comments

  • fjvfjv
    edited November 2018

    Tip: If you're using gobuster enable the following file extensions:php,txt,html with the -x flag.

    And as @0x29A said, common.txt from seclists is enough

  • I have a shell. Does anyone have any hints for finding/getting to the user.txt?

    tobor
    Gods make rules. They don't follow them

  • Thx Skunkfoot and fjv, i got shell now

  • @fjv I actually tried it with the extensions + directory 2.3 medium. I will try again with common.txt

    Hack The Box

  • Nope nothing... Maybe I oversee something, but I have no clue how to continue

    Hack The Box

  • @NicoF2000 said:
    Nope nothing... Maybe I oversee something, but I have no clue how to continue

    Hmm, I am in the same boat as you.
    The only 200 that came back was for index.php...

    avoidy

  • @avoidy said:

    Hmm, I am in the same boat as you.
    The only 200 that came back was for index.php...

    Same here

    Shadow2Xx

  • i'm stuck on that op***** config :/

    Hack The Box

  • edited November 2018

    Spoiler Removed - egre55

    n3v1l

  • edited November 2018
    the initial page gives pretty good hint about how to use gobuster
  • Hey Dave, do not know the user.txt ?? can someone PM me how can I find it???

  • @agnarus said:
    Hey Dave, do not know the user.txt ?? can someone PM me how can I find it???

    on the same boat. Not sure how to proceed from dave to find user.txt

  • @gudj4qu3r said:
    @shadow2Xx, @avoidy and @NicoF2000 maybe you need to get one word from the initial page and do something with it ... If i'm spoiling too much please delete it!

    Perfect hint mate. Thanks a lot.

  • @axle05 said:

    @agnarus said:
    Hey Dave, do not know the user.txt ?? can someone PM me how can I find it???

    on the same boat. Not sure how to proceed from dave to find user.txt

    Maybe you are in the wrong place

  • I don't know how to approach the login page...i tried bruteforcing, sql injection..nothing worked! Any hints ?

  • Guys, just like almost every other box, no bruteforcing is required at all. If that's what you've resorted to because you can't find anything else (I know I did), you probably need to enumerate more.

    --Skunkfoot

  • edited November 2018

    @Skunkfoot said:
    Guys, just like almost every other box, no bruteforcing is required at all. If that's what you've resorted to because you can't find anything else (I know I did), you probably need to enumerate more.

    Ok thnx ;) Brute is my last resort...i'm just stuck :expressionless:

  • fjvfjv
    edited November 2018

    You have to guess the first folder before running gobuster... then keep enumerating until you find something really exploitable.

    Deeper

  • @fjv said:
    You have to guess the first folder before running gobuster... then keep enumerating until you find something exploitable.

    I found a login page! Dunno how to proceed from there!

  • Enumerate more

  • Don't get tunnel-visioned on the login page

    --Skunkfoot

  • @Skunkfoot said:
    Don't get tunnel-visioned on the login page

    as i did and lost several hours

  • @J0rdan said:

    @Skunkfoot said:
    Don't get tunnel-visioned on the login page

    as i did and lost several hours

    "lost" is a relative term. Edison discovered 1 million ways to NOT make a lightbulb before he found one that worked. :bleep_bloop:

    --Skunkfoot

  • Anybody on bypass a special upload file ????

  • Do some research on how to bypass file upload extension filters. Once you figure out what types of files you can upload, the rest should be pretty simple.

    --Skunkfoot

  • @Skunkfoot said:
    Do some research on how to bypass file upload extension filters. Once you figure out what types of files you can upload, the rest should be pretty simple.

    Yep. Anyway I tested all the techniques with no success

  • Any hints on Priv Esc?
    I see a couple of leads, but not sure how to utilize them :/

    A hint would be appreciated :)

  • @23Y4D said:
    Any hints on Priv Esc?
    I see a couple of leads, but not sure how to utilize them :/

    A hint would be appreciated :)

    PM.

  • @Skunkfoot said:

    @J0rdan said:

    @Skunkfoot said:
    Don't get tunnel-visioned on the login page

    as i did and lost several hours

    "lost" is a relative term. Edison discovered 1 million ways to NOT make a lightbulb before he found one that worked. :bleep_bloop:

    the one that worked was to steal it from Tesla lol

    Opaque

  • @n1b1ru said:

    @Skunkfoot said:
    Do some research on how to bypass file upload extension filters. Once you figure out what types of files you can upload, the rest should be pretty simple.

    Yep. Anyway I tested all the techniques with no success

    @n1b1ru Skunkfoot is correct

Sign In to comment.