Nibbles


Comments

  • @c60cb859 said:

    @GhostCat said:

    Logged in. Enumerated directories, but can't find user.txt. Any hint?

    What can you find?

    All the directories keep changing, but most recently I was able to find image.php.

  • @GhostCat said:

    Logged in. Enumerated directories, but can't find user.txt. Any hint?

    Did you get a shell?

    v1ew-s0urce.flv
  • @xdaem00n said:

    @GhostCat said:

    Logged in. Enumerated directories, but can't find user.txt. Any hint?

    Did you get a shell?

    image.php looked like a shell but cannot execute any Linux commands. Apart from that I found monitor.sh

  • Hello! I think I have a problem. When I thought I was logged in to the application, the web throws: "Nibbleblog security error - User not logged". I've tried to change the params but nothing happens. Could somebody help me?

  • Spent half a day and so so frustrated with the admin panel. I saw the earlier messages and tried everything that I could think of! No matter what I try it won't take it :anguished: Can someone please DM...I am just tired now!

  • @tang0charlie said:
    Spent half a day and so so frustrated with the admin panel. I saw the earlier messages and tried everything that I could think of! No matter what I try it won't take it :anguished: Can someone please DM...I am just tired now!

    Never mind! Got it :)

  • @GhostCat said:

    @xdaem00n said:

    @GhostCat said:

    Logged in. Enumerated directories, but can't find user.txt. Any hint?

    Did you get a shell?

    image.php looked like a shell but cannot execute any Linux commands. Apart from that I found monitor.sh

    You should get a shell where you can execute commands, like ls and whoami

  • Is there any Telegram group of HTB users?

  • I've read through the whole thread but still couldn't log into the web application. If anyone could give me some hints, please PM me. Thanks.

  • I managed to find the default login. Sorry for posting too hastily.

  • @c60cb859 said:

    @GhostCat said:

    @xdaem00n said:

    @GhostCat said:

    Logged in. Enumerated directories, but can't find user.txt. Any hint?

    Did you get a shell?

    image.php looked like a shell but cannot execute any Linux commands. Apart from that I found monitor.sh

    You should get a shell where you can execute commands, like ls and whoami

    Got shell and user.txt. Thanks :)

  • Any hints on priv-esc? Got results for LinEnum.sh

  • If anyone needs help with this, PM me.

  • Can anyone give me hints on the priv esc part? Thanks!

  • I couldn't upgrade the shell. Can anyone give me a little hint about that? (I think the solution doesn't include python. Am I right?)

    ghroot

  • @ghroot @Jukz @SiegeMinion hint search in google nibbles :)

  • @T3jv1l said:
    @ghroot @Jukz @SiegeMinion hint search in google nibbles :)

    I already rooted yesterday. Thanks tho! :)

  • Has someone reset the password on this? I don't have any resets left.

  • I am kinda lost. After running LinEnum and finding a file with root privilege I have no idea how to proceed after that. Anyone got a link on what to try after that?

  • I used cewl to generate a few credentials. I don't know if that's enough nor would I know to go from there if it wasn't. Any help/hints? I know there were several hints previously

  • I've been using some exploit and payload, but I'm having this error:
    Exploit aborted due to failure: unknown: Unable to upload payload.

    andremilke

  • @Andross said:
    I used cewl to generate a few credentials. I don't know if that's enough nor would I know to go from there if it wasn't. Any help/hints? I know there were several hints previously

    The user is a default and the password is on the first page of the site. Try to put them all in lowercase and uppercase, do your tests.

    andremilke

  • I have been looking for the default credential and I have tried everything to guess it, but with no success. Can anyone PM me for help???

  • I need a little help. Can someone send me a PM?

  • Hint: Make sure to get a pty on any shells. Let me know if you have questions.

  • I swear sometimes the freaking easiest ones are the trickiest because you overlook the obvious... good box.

  • My quick Guide is the following:
    1. get user access <<===========================
    step 1: try web access
    step 2: look behind the... DOM ;)
    step 3: Get the hint u find from step 2.
    step 4: Go to this... hint ;)
    step 5: check known vulns on this & metasploit is a great help here (search for this very Xploit)... u will end up with a clue, of what u need to find... more hints: well, a username : password !
    step 6: Well, the username is so... common (u can also find it inside some... paths... ). The pass needs a little guessing. Hint: It is in front of your eyes if u start reading the challenge from the... very beginning. ;)
    step 7: Found them?... Congratz! Now use them in msf on tha corresponding Xploit... just to get meterpreter, shell, etc...
    step 8: get the flag of user.txt n go for # baby!
    2. g0t r00t? <<===========================
    What you need here is just to run one simple command that is very common when u perform enumerations... and yeS yoU shoulD knOw it! one more parameter is needed on it ;)
    Then... follow your heart or make some lemonade (as a friend above suggested) .
    Hint: just put in this file what u need to know...

    Thiseas

  • @darthgucci said:
    nope, try using different payloads in metasploit. One works every time, the others are flaky. You just have to try them all

    I'm stuck. I keep getting a 404 and no shell.

    I tried all of these payloads:

    generic/custom normal Custom Payload
    generic/shell_bind_tcp normal Generic Command Shell, Bind TCP Inline
    generic/shell_reverse_tcp normal Generic Command Shell, Reverse TCP Inline
    php/bind_perl normal PHP Command Shell, Bind TCP (via Perl)
    php/bind_perl_ipv6 normal PHP Command Shell, Bind TCP (via perl) IPv6
    php/bind_php normal PHP Command Shell, Bind TCP (via PHP)
    php/bind_php_ipv6 normal PHP Command Shell, Bind TCP (via php) IPv6
    php/download_exec normal PHP Executable Download and Execute
    php/exec normal PHP Execute Command
    php/meterpreter/bind_tcp normal PHP Meterpreter, Bind TCP Stager
    php/meterpreter/bind_tcp_ipv6 normal PHP Meterpreter, Bind TCP Stager IPv6
    php/meterpreter/bind_tcp_ipv6_uuid normal PHP Meterpreter, Bind TCP Stager IPv6 with UUID Support
    php/meterpreter/bind_tcp_uuid normal PHP Meterpreter, Bind TCP Stager with UUID Support
    php/meterpreter/reverse_tcp normal PHP Meterpreter, PHP Reverse TCP Stager
    php/meterpreter/reverse_tcp_uuid normal PHP Meterpreter, PHP Reverse TCP Stager
    php/meterpreter_reverse_tcp normal PHP Meterpreter, Reverse TCP Inline
    php/reverse_perl normal PHP Command, Double Reverse TCP Connection (via Perl)
    php/reverse_php normal PHP Command Shell, Reverse TCP (via PHP)

    What am I doing wrong? Is the right one in there and I'm just blowing it?

  • I am also having difficulty with the default creds. Can anyone DM me with some help on this?

  • edited May 2018

    Spoiler Removed - Arrexel
