@Waffles said:
Having trouble with PrivEsc, if somebody feels like giving some advice please PM me.
Don’t over complicate, find the arch of the machine and follow this rabbit
Holy ■■■■!
I spent so long on getting a stable functional reverse shell that I didnt even notice this part. Literally after you said that the light bulb turned on and and 5 min later i had root.txt
Found interesting files. Do a google search and using dirb is enough. I think this step is uncommon so maybe you could skip it (for anyone found nothing in Web Server)
I’m uploading a file generated with msfvenom compatible with the web arch of this server, meterpreter/reverse_tcp and dosen’t work, does nothing, i tried also in one of my virtual machines with the same webserver installed on it and does not work the same. I think msfvenom has problems to generate working files for this specific web arch, has any of you the same problem?? Should i find an alternative way than msfvenom and metasploit handler to get a reverse shell??
Guys I strongly recommend doing this box in a private (FF) or incognito (Chrome) window and be sure to delete all site data (cookie, cache, offline data, etc.). Once I figured this out (with the help of @im4x5yn74x), I didn’t have to keep resetting the box. I was able to recover it after it started to hang, which it did A LOT. Practically after every “major” command I ran. Until I caught onto this, I was unable to “execute” despite my other successes. I hope this helps someone.
Remix: Ok, it’s actually better without the private/incog window. That way you can delete the site data when you need to without sometimes needing to reopen the window.
yeah, delete cookies if it hangs. wait for a moment if it throws 500’s at you if that doesn’t work.
Got root on eu-free without a single reset necessary. Just a lot of patience. Don’t enter the race of who can overwrite stuff faster, just give it a minute and try again.
hello everyone, I found some pages about uploaded stuff… but I have no clue how to use that. Could anyone give me a little push in the right direction?
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong tree
@AgentTiro said:
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong tree
@AgentTiro said:
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong tree
seconded, same here
third that, tried a lot of formats with msfvenom but no luck
Got root finally. That was a doozy and a fun one, especially after getting past the unstableyness. Shout out to @mrb3n for the good stuff
Best tip for this box: mind the architecture.
@AgentTiro said:
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong tree
seconded, same here
third that, tried a lot of formats with msfvenom but no luck
And … me too… I have tried many options like shell, reverse, web and exif in many format asp, aspx, php. Thus, I think my way to upload is not correct. I would appreciate help to learn something new.
@darkz3ro said:
easy box but unstable , i don’t know if someone deleting files but i can’t have more than 1 minute with a shell then i need to reset the machine.
How are you able to access your webshell? Whenever I go to the Spoiler Removed - Arrexel it just gives me a 403. And of course a direct answer to this would be a spoiler but could you nudge me in the right direction. I have exhausted my word-lists for dir busting.