@J0ckr , I have sent you a PM. @DarthVaper , try to unzip on your local machine.
@newhacker96 , I try to gain access to root too. I think I am close.
First, you need to enumerate. You can use LinEnum.sh or just use some commands and see informations you get. If you are new in pentest, read about what enumeration is and how you can do it. Then, you will find something you can use. At this point, you need to think how a sysadmin could use what you found.
Hi, used lfi, got some files… I have the usernames and the encryptet code.
I’m now struggeling with the decryption. Tried several algorithms, but it doesn’t work. It would be great if somebody could give me a hint. Just a hint, not the solution… (:
Once you have the zip unzipped then the contents purpose will become obvious once you have have worked out the priv esc.
The thing is I know how perform the priv. esc. At least, I think. I found the vulnerable service and which protocol to use to reach it. And I’m stuck here. How use the zip file at this point ? I have read a lot the manual of clients for this protocol, but I can’t find the particular option. Please, give me a hint.
I don’t know if I’m on the right road. I’ve successfully gained a normal shell and unzipped the file. I checked for services and I think I found the one I need to use, I might be wrong though. However, it tells me that its unable to open display. Help?
Once you have the zip unzipped then the contents purpose will become obvious once you have have worked out the priv esc.
The thing is I know how perform the priv. esc. At least, I think. I found the vulnerable service and which protocol to use to reach it. And I’m stuck here. How use the zip file at this point ? I have read a lot the manual of clients for this protocol, but I can’t find the particular option. Please, give me a hint.
I did it ! Finally ! I tried to use the wrong secret file, so it didn’t work well. I am a stupid guy.
@xdaem00n said:
I don’t know if I’m on the right road. I’ve successfully gained a normal shell and unzipped the file. I checked for services and I think I found the one I need to use, I might be wrong though. However, it tells me that its unable to open display. Help?
Think like a sysadmin. What a sysadmin, with security knowledge, would to do ?
@resiliencia90 said:
Hi, used lfi, got some files… I have the usernames and the encryptet code.
I’m now struggeling with the decryption. Tried several algorithms, but it doesn’t work. It would be great if somebody could give me a hint. Just a hint, not the solution… (:
This is my second machine & I’m in the same boat, I have used LFI to access certain files and have the usernames & encoded password. Not sure where to go from here. Nothing interesting with dirbuster either. Did you get further?
@resiliencia90 said:
Hi, used lfi, got some files… I have the usernames and the encryptet code.
I’m now struggeling with the decryption. Tried several algorithms, but it doesn’t work. It would be great if somebody could give me a hint. Just a hint, not the solution… (:
This is my second machine & I’m in the same boat, I have used LFI to access certain files and have the usernames & encoded password. Not sure where to go from here. Nothing interesting with dirbuster either. Did you get further?
Nope, will work on it now. Going to take a step back and enumerate more… maybe we missed something?!
Also tried log-injection but weren’t able to get a shell.
It’s also my second machine… Nibbles was easier
@resiliencia90 said:
Hi, used lfi, got some files… I have the usernames and the encryptet code.
I’m now struggeling with the decryption. Tried several algorithms, but it doesn’t work. It would be great if somebody could give me a hint. Just a hint, not the solution… (:
This is my second machine & I’m in the same boat, I have used LFI to access certain files and have the usernames & encoded password. Not sure where to go from here. Nothing interesting with dirbuster either. Did you get further?
@karelchajim said:
I am able to inject code, read files through log, but I am not able to get reverse shell:-/ Neither I am able to upload file…stuck:-(
Got the shell. Now an priv esc.
Thank you guys, already learned a lot.
If you still need a hint feel free to send me a message.
@resiliencia90 said:
Hi, used lfi, got some files… I have the usernames and the encryptet code.
I’m now struggeling with the decryption. Tried several algorithms, but it doesn’t work. It would be great if somebody could give me a hint. Just a hint, not the solution… (:
This is my second machine & I’m in the same boat, I have used LFI to access certain files and have the usernames & encoded password. Not sure where to go from here. Nothing interesting with dirbuster either. Did you get further?
Nope, will work on it now. Going to take a step back and enumerate more… maybe we missed something?!
Also tried log-injection but weren’t able to get a shell.
It’s also my second machine… Nibbles was easier
Ha, that was my first machine as well. I sent you a PM.