Wall

1212223242527»

Comments

  • edited December 2019

    Spoiler Removed

  • edited December 2019

    Rooted.

  • Hi,
    I would like to have help to perform the c****** exploit manually: in understood that I should create sp***er and configure the m****** bin before triggering it
    I also understood why "Wall" ....

    Would someone help me to have foothold ?

  • Any hints on how to bypass the waf? pm please

  • Just completed.
    Still do not know, what is the proper way to find the login page -:) Really no clue -:)
    I found it following hints on this forum. Need probably wait for write-up to get known, how to do it properly.
    After finding this page the rest is relatively easy. Some people mentioned WAF, but I did not notice. After getting shell directly to root.

    m4rc1n

  • hi, I need help.. /c******* LP

  • hello, got access to c******n, tried different payloads, tried to bypass wall, but it is not working. Can someone DM me to give some hints on the payload?

  • Need help with bypassing the WAF... Tried almost all the payloads that I can find but always getting 403 when updating the payload. I would appreciate if some can DM me a hint for finding/creating the correct payload.
    Thanks in advance!

  • Type your comment> @Luc1f3r1921 said:

    Need help with bypassing the WAF... Tried almost all the payloads that I can find but always getting 403 when updating the payload. I would appreciate if some can DM me a hint for finding/creating the correct payload.
    Thanks in advance!

    There is a joke in which a man complains at the doctor: "When I touch my shoulder, it really hurts.When I touch my knee - OUCH! When I touch my forehead, it really, really hurts." "I know what's wrong with you. You've broken your finger!"

    You should find the "finger" (maybe more fingers) which is part of all your payloads and substitute it.

    bumika

  • ok rooted.

    really nice box to learn to get foothold. Didn't like the PrivEsc, mainly because I did the unintended way I guess. (I guess) Still, just the exploiting part was great.

    Hints: Wait for the code to run. I spent 2 days thinking what I was doing wrong because it won't run.
    If you have troubles with the payload, remember IFStatments. (If it's a spoiler, please remove)

    Root and user were easy.

    Thanks to @askar for the box and @Ma1ware and @bumika for the hints. They helped a lot.

  • Need help with bypassing the WAF... I would appreciate if some can DM me a hint
    Thanks in advance!

  • I am a bit lost, i don't know what i have to do with the javascript line to get the user pass, i've alredy decode the hex strings

  • stuck at initial shell stage , cve not working..... getting 403 error :\
    can anyone pm me with some help ?

  • Took me ages, but learned some things and got it done. PM me if you need any help. Thanks @askar for the fun!

  • I am able to execute payload but not getting a shell back :\ , there's no 403 error and the link is opening bt not getting shell back

  • I couldn't get RCE to work. I found that i should escape some characters and did them. payload uploaded successfully but doesn't seem to run. Help please...


  • Check out my blog
    Always happy to help! but please consider dropping some respect. ^^

  • Type your comment

Sign In to comment.