Canape

Wanted to start a discussion page on this.
I've enumerated the page and ports. The ciphers are a deadlock , and dir* tools also failing drastically.

Tagged:
«13456711

Comments

  • edited April 2018

    canape is a greec/french word, translate it, but check again your scans.

    peek

  • Enumerate more, you probably missed something.

  • Hi! I need advices about the programmig language utilized for write the Simpson's Fan Site. PM please! Thanks!

  • edited April 2018

    I have an initial shell and some idea on where to go next. anyone who has user.txt up for letting me bounce ideas off of them? or anyone in the same position?

    pm me.

    Thanks.

  • trying to get rce but in a pickle , anyone have any ideas to bounce around to get the code working

    illwilll
    OSCP

  • @illwill said:
    trying to get rce but in a pickle , anyone have any ideas to bounce around to get the code working

    Send me your code! I am able to execute code, close to reverse shell!

  • got a reverse shell but the surprise was there is no user.txt, any hints to move forward, I did a lot of enumeration with the limited shell but nothing working till now.

  • User.txt is found when you pwn user account. You are probably not user yet

  • I've recreated the vulnerability on my local machine. I can get RCE, however, when I try to mimic these same techniques to the HTB machine I'm not getting a shell. Am I approaching this the wrong way? I guess I can look at LFI possibilities, but maybe I'm using a technique that isn't supported or wrong port.

  • @sheeets said:
    I've recreated the vulnerability on my local machine. I can get RCE, however, when I try to mimic these same techniques to the HTB machine I'm not getting a shell. Am I approaching this the wrong way? I guess I can look at LFI possibilities, but maybe I'm using a technique that isn't supported or wrong port.

    Depends on which vuln you're talking about :) PM me if you want

  • got a reverse shell but > @Laegir said:

    User.txt is found when you pwn user account. You are probably not user yet

    I know but I was expected to get it after getting the shell.

  • @elakwah said:
    got a reverse shell but > @Laegir said:

    User.txt is found when you pwn user account. You are probably not user yet

    I know but I was expected to get it after getting the shell.

    most of the times when you get a shell from a web server, you have to escalate to user to get the user.txt

  • Enumerate everything you have access to. Something you need might be stored elsewhere.

  • I'm loving this machine! The initial foothold was really fun and pretty unique, then the privesc to user was a bit boring. On to root now. We'll see how it goes!

  • always getting 500 internal server error can someone guide me on this thing?

    Hack The Box

  • Anybody else getting the error "ImportError: No module named posix"?

  • Hi,

    I got a shell but I'm struggling to escalate to the user account. Can I PM anyone what I have so far?

    Any help will be much appreciated

    Hack The Box

  • Hi
    need help when i send my exploit i have error BadPickleGet: 111

    Javox

  • @abogaida said:
    Hi,

    I got a shell but I'm struggling to escalate to the user account. Can I PM anyone what I have so far?

    Any help will be much appreciated

    NVM, I got it :)

    Hack The Box

  • can anyone give me the initial steps, can't get how to enter

  • Anyone can give me a little nudge? It's so bizarre

  • Getting 500 on RCE, what am i doing wrong?
    PM please

    Hack The Box

  • I am still struggling to get a shell on this. I have already copied the thing, created the other thing, but I think my exploit code is a little funky. Ive researched it, but definitely need someone to bounce ideas off of or someone to give me a hint. I've DM'd a couple of people in the thread already, but im feeling extra obsessive tonight. DMs preferred if anyone is available.

  • edited April 2018

    @deltaflux said:
    Getting 500 on RCE, what am i doing wrong?
    PM please

    HTTP errors 101:
    4xx - You f...ed up
    5xx - They f...ed up

    Maybe you did nothing wrong :)

  • getting 500 on RCE, don't know what I am doing wrong. Working fine on local machine.

  • I got so fed up with 500 that I wrote a simple Python program to give me a "shell" .. using RCE by uploading each command separately :) It's rather difficult to know why a reverse shell doesn't spawn like it should if you are blind. But if you really have RCE, then it's just a matter of trying harder.

    lokori

  • Attempt at initial foothold worked fine a day ago. Try the exact same request today and I get a 500 (even after a reset).

  • When I run the site locally I get an error: no module named posix. Could this also happen on the remote and that's why I get the 500 ?
  • @Nickktr said:
    When I run the site locally I get an error: no module named posix. Could this also happen on the remote and that's why I get the 500 ?

    You're getting 500 error because you're payload is wrong, causing server-side exceptions during your request.

    Hack The Box

  • @dyni0x3a said:
    getting 500 on RCE, don't know what I am doing wrong. Working fine on local machine.

    500 error code occurs because Python cannot add a string and a number, for example if your RCE is over os.system because it returns the code that the program accomplished

Sign In to comment.