Jerry

didnt like this box much :frowning: was annoyed at how long it took me to find what i needed ugh

Spoiler Removed - Arrexel

@H4ck3d5p4c3 said:
didnt like this box much :frowning: was annoyed at how long it took me to find what i needed ugh

you still could have learned a lot though from searching for other stuff! :slight_smile:
cause someone had messed the machine up. before resetting it and getting access i read quite some stuff i did not know

@Shadow2Xx said:
Could once log in into the manager app, but from there I couldn’t get any further. Now I can’t log in anymore:/

Reset the machine.

Anyone I can PM about this box? I want to make sure I am on the right track.

@Shadow2Xx said:
Could once log in into the manager app, but from there I couldn’t get any further. Now I can’t log in anymore:/

As already mentioned by felli0t there are l*w life people that enjoy changing passwords. This is the second box in the row, really lame.

@packetrider said:
After watching 90 people own this box in less than an hour and getting nowhere myself feeling pretty noobish.

For everyone that is struggling with this Box, keep in mind the entry point and the name of the box, even if you don’t know the platform this was made off talking about the panel you will probably find. The panels has somehow the same name as a cartoon now you can guess what characters played over it and test that theory out. The box is easy take your time, enumerate the services locate the exploits try details into the forms and do it manually or exploit it via msf. This box should take atleast 5 mins for exploitation regarding the people who are more familiar with the specific platform that was used into the box for the members to exploit. Have fun, and keep hacking all of you!

I’ve seen a few people mention here and in the shoutbox how the password on Jerry keeps getting changed, so before I spend any time on it can anyone tell me if the password can be found somewhere or if we are meant to make an educated guess as to what it is? If we’re meant to guess it, but it keeps getting changed then it seems there is no point starting this box.

Spoiler Removed - Arrexel

the user and password combination is visible to you at some point, and a search for default credentials brings it up as well.

!!! damnit! that was it… I had it from the beginning but someone / everyone changed the password.

I know the creds, I reset the machine but still unable to log in the manager panel, are they changing passwords? wtf

Lord, finally managed to log in. I must have tried these credentials about 10 times already among a plethora of other ideas but of course people think it’s fun to mess with the box.

is someone deleting the uploaded war files? I don’t understand if is some douchebag doing so or tomcat. Got the shell but connection dies after 10 secs because of the deleted file.

Yeah, I couldn’t get into this box last night to save my life. This morning about a minute after someone reset the box I was able to try and get manager access just using list of default credentials. So if anyone was banging their head against the wall on this one, reset it and give it another try.

Oh, and for anyone who doesn’t spend a lot of time on windows, “type” is the windows equivalent of “cat” when you finally find the flag text file.

easy and simple box nothing complicated, basic enum will let you own it in a matter of minutes, i like those kind of boxes they represent simple misconfigurations on real production enviroments.
+1 to the creator

+1

@Cryovenom said:
Yeah, I couldn’t get into this box last night to save my life. This morning about a minute after someone reset the box I was able to try and get manager access just using list of default credentials. So if anyone was banging their head against the wall on this one, reset it and give it another try.

Oh, and for anyone who doesn’t spend a lot of time on windows, “type” is the windows equivalent of “cat” when you finally find the flag text file.

you should not give that much out… i mean this machine is easy, so this stuff is the minimum to research if you are new… just my perspective though. :slight_smile:

@w31rd0 said:
you should not give that much out… i mean this machine is easy, so this stuff is the minimum to research if you are new… just my perspective though. :slight_smile:

Yeah the box is easy, it’s hard not to give too much away while helping people not go crazy from the fact that some jackass keeps changing the password. (and type == cat isn’t a spoiler, just saving them a 30 sec google search).

I was getting frustrated on this box, and it helps knowing if you were on the right track. Else you might never go back and re-do your initial stages and figure it out.

what is wrong with this machine? even after reset the username and password doesnt work anymore