Traverxec

1356745

Comments

  • Type your comment> @minimal0 said:

    I am not totally convinced it is the DDOS exploit which crashes the server.
    I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
    After two reset, still closed.
    So i am not totally convinced it is just the DDOS.

    Same Here

  • For the fucks sake.
    Read exploit descriptions before using them... fucking bastards.
    Weird how /e****.ht** works thought

    Hack The Box

  • I got in and have credentials, but cannot use it until now..

  • Type your comment> @c1cada said:

    Type your comment> @minimal0 said:

    I am not totally convinced it is the DDOS exploit which crashes the server.
    I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
    After two reset, still closed.
    So i am not totally convinced it is just the DDOS.

    Same Here

    Yep, I have switched vip servers, multiple resets, have not seen it open yet...

  • Type your comment> @Gboxx said:

    I get User D***D and Password N*******e, ssh locally not working, su not working, any suggestions ?

    thats the thing... don hv any login page too in the website

  • Spoiler Removed

  • Most probably a rabbit hole. They are way too in the open

    trollzorftw

  • anybody found a way to use creds? or just a simple rabbit hole?

    Hack The Box

  • edited November 2019

    God these creds for the user d***d but they seem to be useless

  • Type your comment> @minimal0 said:
    > I am not totally convinced it is the DDOS exploit which crashes the server.
    > I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
    > After two reset, still closed.
    > So i am not totally convinced it is just the DDOS.



    It was open for me though. Its weird hmmm
  • The port 80 being closed problem should be resolved. And don't ever DoS on htb.

    clubby789

    • GCIH | GCIA
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Type your comment> @Gboxx said:

    Type your comment> @Shad0wQu35t said:

    Type your comment> @Gboxx said:

    I get User D***D and Password N*******e, ssh locally not working, su not working, any suggestions ?

    thats the thing... don hv any login page too in the website

    I think these credentials are troll :(

    No, they aren't. Try harder

  • Type your comment> @olsv said:

    Type your comment> @Gboxx said:

    Type your comment> @Shad0wQu35t said:

    Type your comment> @Gboxx said:

    I get User D***D and Password N*******e, ssh locally not working, su not working, any suggestions ?

    thats the thing... don hv any login page too in the website

    I think these credentials are troll :(

    No, they aren't. Try harder

    Did you ever use them? If so, I am curious about that. I rooted it without ever using those credentials.

    trollzorftw

  • Type your comment> @trollzorftw said:

    Type your comment> @olsv said:

    Type your comment> @Gboxx said:

    Type your comment> @Shad0wQu35t said:

    Type your comment> @Gboxx said:

    I get User D***D and Password N*******e, ssh locally not working, su not working, any suggestions ?

    thats the thing... don hv any login page too in the website

    I think these credentials are troll :(

    No, they aren't. Try harder

    Did you ever use them? If so, I am curious about that. I rooted it without ever using those credentials.

    Yep. They eventually lead to D...

  • got user, root is hard, i'm still enumerating

  • Can I get a hint about how to start user without port 80 open?

  • *Spoiler Removed*
  • Got foothold and the credentials for the user, cant ssh or su to the user using the cracked credentials. Any hint on this one on how to escalate to user?

  • Type your comment> @casey said:

    Got foothold and the credentials for the user, cant ssh or su to the user using the cracked credentials. Any hint on this one on how to escalate to user?

    same here

  • Got initial shell, haven't found any creds, any hints?

  • Type your comment> @Shad0wQu35t said:

    Type your comment> @rholas said:

    Can I get a hint about how to start user without port 80 open?

    u need port 80 open in order to exploit into the system. the issue should be resolved now

    But port 80 is still closed, tried reset but not worked

  • Type your comment> @Ma1ware said:

    Got initial shell, haven't found any creds, any hints?

    try look for the folder used for html

  • edited November 2019

    got initial shell and found da*** credential, but unable to use su and ssh into da***. is that a rabbit hole?

  • Do we need the .hta***** file for getting user ?

  • I found creds but not worked, but found something in n...co.. and open a new page

  • Stuck with found creds too...

  • edited November 2019

    @OMYT said:

    Stuck with found creds too...

    same here xD

    OSCP | Stay root! | Twitter: S1lky_1337

  • Can someone pm me how to crack creds. I know how to use them..

    0byte

  • Type your comment> @stoffern said:

    Can someone pm me how to crack creds. I know how to use them..

    the usual tools run within a VM will crack them in a few seconds in your VM if done properly no need for high end GPU's or anything

    CurioCT

  • Сredits of user d *** d in the htp **** d file is a rabbit hole ?

Sign In to comment.