Nightmare

Hello,

I need some hint on Nightmare. I did lots of enum for the web and found some interesting things.

1/ do i need to bruteforce any login?
2/ shall i consider client side attacks??
3/ do i need to "guess" request parameters names ??

plz help

«1

Comments

  • These sound like questions rather that findings... :P

    Hack The Box

  • @eks said:
    These sound like questions rather that findings... :P

    lol :D

    Hack The Box

  • i need little bit help for this box. could anyone pm me ?

  • can anyone give a hint on what this box was based on?

  • Hi! could someone help me with Nightmare! I passed first step and can access to machine via s*** but now I have no more ideas :( PM Please

  • @s3b4stian said:
    Hi! could someone help me with Nightmare! I passed first step and can access to machine via s*** but now I have no more ideas :( PM Please

    There's an exploit that will apply well to your situation. Just make sure it matches your environment and I mean really make sure, don't just give it a cursory check :)

    Booj

  • @Booj said:

    @s3b4stian said:
    Hi! could someone help me with Nightmare! I passed first step and can access to machine via s*** but now I have no more ideas :( PM Please

    There's an exploit that will apply well to your situation. Just make sure it matches your environment and I mean really make sure, don't just give it a cursory check :)

    :+1: Thanks!

  • edited April 2018

    [Spoiler]. However, these [Spoiler] don't seem to [Spoiler]. Shall I search for [Spoiler]?

  • I need help with this machine, PM anyone?

  • Apologies for spoiling. Wasn't meant.

  • Hi I am able to have a shell, I enumerated the system but didn't find anything for privesc. hint needed please! Thanks! PM or netsec chat

  • Hey guys, I'm kinda stuck after initial enumeration. Would some kind soul PM me (here or on Mattermost) for a nudge (or just discussing my approach)? I'll show what I found so far.

  • Hello , could someone please help me for some hint ? That I've decoded the dante.txt to the poem and I've also noticed that's also xss vuln on my newly registered account on the site. And I have no idea to step forward. Thanks.

  • enumerate more and more, play with all web app functionalities

  • Could also use some guidance for privesc. Not sure how to explain without spoilers, and I'm not sure if I'm even on the right track.

    <spoilerfree>
    I see that the [redacted] has two [redacted]s of [redacted] [redacted]. I got a [redacted] that should [redacted] both [redacted]s, but having trouble getting [redacted] to [redacted] either [redacted].
    </spoilerfree>

    Hope that's confusing enough ;)

  • yes, quite confusing. I also noticed the XSS and then there is another *** thing which kind of seems relevant, but I haven't been able to use it for anything useful so far. And there is a third thing behaving in a way which would suggest that there might be *** there but haven't gotten anything out of it with my list of suggestions. Confusing and confused.

    lokori

  • @Booj said:

    @s3b4stian said:
    Hi! could someone help me with Nightmare! I passed first step and can access to machine via s*** but now I have no more ideas :( PM Please

    There's an exploit that will apply well to your situation. Just make sure it matches your environment and I mean really make sure, don't just give it a cursory check :)

    Can PM me please ? I found the exploit for my specific target but it doesn't work ...

  • edited May 2018

    May I have some nudge?

  • this box was amazing, I recomend it.

    Hack The Box

  • trying to exploit the ****, could i pm anyone ?

  • i can read data from db but stuck there ...

  • Hi guys can someone? Give me some hints about this box ? PM me please !

  • I'm still lost ...

  • hi, i have decode dante.txt.
    But I don't find the password for admin account.
    Help me find the password or advise for where a search

  • @khomkovova said:
    hi, i have decode dante.txt.
    But I don't find the password for admin account.
    Help me find the password or advise for where a search

    Me too T.T

  • edited June 2018

    ((

  • I need hint after get www-data shell

  • YOURE IN A SIMULATION JOHNNY @johnny87

  • I can read data from db but stuck there ...

Sign In to comment.