Could anyone nudge me in the right direction for priv esc. Have a couple ideas but shaky on the execution part…
hello everyone, I found some pages about uploaded stuff… but I have no clue how to use that. Could anyone give me a little push in the right direction?
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong tree
@AgentTiro said:
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong tree
seconded, same here
@digitalp2k said:
@AgentTiro said:
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong treeseconded, same here
third that, tried a lot of formats with msfvenom but no luck
PM me for hints on payload for initial foothold.
Got root finally. That was a doozy and a fun one, especially after getting past the unstableyness. Shout out to @mrb3n for the good stuff
Best tip for this box: mind the architecture.
@valkyrix said:
@digitalp2k said:
@AgentTiro said:
I’m able to upload, and I know where they are going to. Having issues with payload. Can someone pm me so I can just check I’m not barking up the wrong treeseconded, same here
third that, tried a lot of formats with msfvenom but no luck
And … me too… I have tried many options like shell, reverse, web and exif in many format asp, aspx, php. Thus, I think my way to upload is not correct. I would appreciate help to learn something new.
Rooted the SYSTEM…PM for help !!!
@bonjourpancake said:
Could anyone nudge me in the right direction for priv esc. Have a couple ideas but shaky on the execution part…
so uh I had it right the first time but I just had to reset the box… rip
Got root ! available for PM
small advice, prepare everything in advance so you’re not disturbed by other people trying the same thing
@darkz3ro said:
easy box but unstable , i don’t know if someone deleting files but i can’t have more than 1 minute with a shell then i need to reset the machine.
How are you able to access your webshell? Whenever I go to the Spoiler Removed - Arrexel it just gives me a 403. And of course a direct answer to this would be a spoiler but could you nudge me in the right direction. I have exhausted my word-lists for dir busting.
Spoiler Removed - Arrexel
@mpgn said:
@sahil said:
Spoiler Removed - ArrexelSpoiler Removed - Arrexel
IT WORKED!!! Thank you so much!
I keep getting endless 500 errors, the effing eff.
@digitalp2k said:
I keep getting endless 500 errors, the effing eff.
then your payload if wrong. Try to be simple
@mpgn said:
@digitalp2k said:
I keep getting endless 500 errors, the effing eff.then your payload if wrong. Try to be simple
even simple cmds are coming back as 500, I get 3 from the Googled script, but when I try and run any other commands, nothing.
I have the initial scan but think I’m down a rabbit hole chasing OPTIONS?? Dir buster brings me to a directory with no access??
server just hangs when I try to execute a payload/payload. I know the correct path/method. Is this expected?
@onlyamedic said:
server just hangs when I try to execute a payload/payload. I know the correct path/method. Is this expected?
I tried very complex payloads in the beginning. Those behave like you describe.