I have an initial shell and some idea on where to go next. anyone who has user.txt up for letting me bounce ideas off of them? or anyone in the same position?
got a reverse shell but the surprise was there is no user.txt, any hints to move forward, I did a lot of enumeration with the limited shell but nothing working till now.
I've recreated the vulnerability on my local machine. I can get RCE, however, when I try to mimic these same techniques to the HTB machine I'm not getting a shell. Am I approaching this the wrong way? I guess I can look at LFI possibilities, but maybe I'm using a technique that isn't supported or wrong port.
@sheeets said:
I've recreated the vulnerability on my local machine. I can get RCE, however, when I try to mimic these same techniques to the HTB machine I'm not getting a shell. Am I approaching this the wrong way? I guess I can look at LFI possibilities, but maybe I'm using a technique that isn't supported or wrong port.
Depends on which vuln you're talking about PM me if you want
I'm loving this machine! The initial foothold was really fun and pretty unique, then the privesc to user was a bit boring. On to root now. We'll see how it goes!
I am still struggling to get a shell on this. I have already copied the thing, created the other thing, but I think my exploit code is a little funky. Ive researched it, but definitely need someone to bounce ideas off of or someone to give me a hint. I've DM'd a couple of people in the thread already, but im feeling extra obsessive tonight. DMs preferred if anyone is available.
I got so fed up with 500 that I wrote a simple Python program to give me a "shell" .. using RCE by uploading each command separately It's rather difficult to know why a reverse shell doesn't spawn like it should if you are blind. But if you really have RCE, then it's just a matter of trying harder.
@dyni0x3a said:
getting 500 on RCE, don't know what I am doing wrong. Working fine on local machine.
500 error code occurs because Python cannot add a string and a number, for example if your RCE is over os.system because it returns the code that the program accomplished
Comments
canape is a greec/french word, translate it, but check again your scans.
Enumerate more, you probably missed something.
Hi! I need advices about the programmig language utilized for write the Simpson's Fan Site. PM please! Thanks!
I have an initial shell and some idea on where to go next. anyone who has user.txt up for letting me bounce ideas off of them? or anyone in the same position?
pm me.
Thanks.
trying to get rce but in a pickle , anyone have any ideas to bounce around to get the code working
OSCP
Send me your code! I am able to execute code, close to reverse shell!
got a reverse shell but the surprise was there is no user.txt, any hints to move forward, I did a lot of enumeration with the limited shell but nothing working till now.
User.txt is found when you pwn user account. You are probably not user yet
I've recreated the vulnerability on my local machine. I can get RCE, however, when I try to mimic these same techniques to the HTB machine I'm not getting a shell. Am I approaching this the wrong way? I guess I can look at LFI possibilities, but maybe I'm using a technique that isn't supported or wrong port.
Depends on which vuln you're talking about
PM me if you want
got a reverse shell but > @Laegir said:
I know but I was expected to get it after getting the shell.
most of the times when you get a shell from a web server, you have to escalate to user to get the user.txt
Enumerate everything you have access to. Something you need might be stored elsewhere.
I'm loving this machine! The initial foothold was really fun and pretty unique, then the privesc to user was a bit boring. On to root now. We'll see how it goes!
always getting 500 internal server error can someone guide me on this thing?
Anybody else getting the error "ImportError: No module named posix"?
Hi,
I got a shell but I'm struggling to escalate to the user account. Can I PM anyone what I have so far?
Any help will be much appreciated
Hi
need help when i send my exploit i have error BadPickleGet: 111
NVM, I got it
can anyone give me the initial steps, can't get how to enter
Anyone can give me a little nudge? It's so bizarre
Getting 500 on RCE, what am i doing wrong?
PM please
I am still struggling to get a shell on this. I have already copied the thing, created the other thing, but I think my exploit code is a little funky. Ive researched it, but definitely need someone to bounce ideas off of or someone to give me a hint. I've DM'd a couple of people in the thread already, but im feeling extra obsessive tonight. DMs preferred if anyone is available.
HTTP errors 101:
4xx - You f...ed up
5xx - They f...ed up
Maybe you did nothing wrong
getting 500 on RCE, don't know what I am doing wrong. Working fine on local machine.
I got so fed up with 500 that I wrote a simple Python program to give me a "shell" .. using RCE by uploading each command separately
It's rather difficult to know why a reverse shell doesn't spawn like it should if you are blind. But if you really have RCE, then it's just a matter of trying harder.
Attempt at initial foothold worked fine a day ago. Try the exact same request today and I get a 500 (even after a reset).
You're getting 500 error because you're payload is wrong, causing server-side exceptions during your request.
500 error code occurs because Python cannot add a string and a number, for example if your RCE is over os.system because it returns the code that the program accomplished