Stratosphere

No forum for this one, might as well make it.

I have done enumeration, and I found an exploit, but I can't find the exploit name. Can someone pm me and help me?

Thanks,

Raj Baweja

«13456715

Comments

  • What do you mean you found the exploit but not the name? PM me the details.

  • Any thoughts on Priv Esc? i see the thing and know i have to use it, but not sure how......

    Magavolt

  • Never mind....

    Magavolt

  • gaaaah been banging my head against a brick wall for a while now and need a clue :( enumerated to death (usual methods). There is a really obvious exploit that jumps out at you..I have tried this a number of different ways..sploit module, python scripts, manual exploit with no luck. Is this a major red herring?

  • I am in the same position atm, tried exploit but i won't work and cannot find another attack vector.

  • I found a username and password, which supposed to login to management Web based GUI , but it doesn't work and I have no clue what prevents my login! Please PM me if anyone get what I mean and wanna give some clue.

  • So Ive done enumeration and all the paths that i took ended up being deadends. Can I DM someone for some pointers.

    FloptimusCrime

  • Don't overlook your enumeration... Sometimes I will overlook stuff that is right in front of me.

    Magavolt

  • Still stuck despite a squllion wordlists thrown at it and reviewing contents of every page and contents and an nmap of every port. On the plus side I know a lot more about the Stratosphere :). Can someone provide a clue? Am I wasting my time with wordlists or trying to brute force a particular login?
  • same issue, use dirbuster, try to bruteforce login use default credential but still stuck ;(

  • i too am in the same boat as many of you, have nmap full, have gobusted etc. burp suited it and msfconsoled it, seen a few potential exploits tried msf exploit tried python scripts and a nmap scripts ... none of them seem to work...

    I feel i am missing something, is this one of those "specific" wordlists type of thing again?

  • you need more "action" gogogo

    loganayala

  • HelloWorld make some Action please ;)

  • edited May 2018

    Spoiler Removed - Arrexel

  • edited April 2018

    can i have some hint for privs esc? Spoiler Removed - Arrexel

  • Am I wasting my time trying to bruteforce the login? I have tried almost everything, a small nudge would be great :]

  • @Elephant7oast said:
    Am I wasting my time trying to bruteforce the login? I have tried almost everything, a small nudge would be great :]

    lights camera ( .ACTION )

  • Hello! wanted to ask about the tomcat credentials.
    I've exploited the thing and got RCE, but I have no way to scale to a full shell since the tomcat creds are not working, and they are from the conf file... :/

    Am I missing something? Thanks

  • Can someone take pity on me and tell me what the heck I'm going wrong trying to get a shell

  • Hi, I have exploited the thing and got RCE, but I cannot find a way to upgrade to a full shell with nc. When i try to get shell with netcat i saw 'connection timeout=3' error on results. Any help will be very good.

  • i find username and password but i cant access the manager , what happen ?

  • got user and found the script, completed the 'challenge' but the next script it tries to run is not found. Completely stuck!

  • nevermind, got root!

  • Totally in front of the wall.
    I did enumération, nmap, dirb, and nikto but nothing..
    I've also find some idea for exploit but it's not working.
    I've no idea of what to do..

    Jugulairel

  • Got RCE found a few creds to what seems like nothing lol a hint on what to do after rce.. can't seem to get a proper shell back. but I've been reading the file system and finding a lot of rabbit holes. A tip would be nice

  • @snowyDEN said:
    Got RCE found a few creds to what seems like nothing lol a hint on what to do after rce.. can't seem to get a proper shell back. but I've been reading the file system and finding a lot of rabbit holes. A tip would be nice

    Same here, a nudge would be appreciated.

  • If you have RCE you can reverse shell it... I didn't manage to find the entry point yet. I am still enumerating and searching in a specific file that I manage to download

  • Is anyone else having trouble taking ACTION and running the appropriate exploit for a reverse shell? I can't seem to get it to work correctly.

    NINGEN

  • Looking for an entry point still can't seem to find what I need. Found a file to download and went through it but still nothing. Need a nudge.

  • edited March 2018

    @zyaya said:
    If you have RCE you can reverse shell it... I didn't manage to find the entry point yet. I am still enumerating and searching in a specific file that I manage to download

    Yeah, need to revisit methodology. I can get a shell returned but it dies can't seem to handle std out. I'll try more later. Oh if you get send me a hint. Thanks.

Sign In to comment.