Jerry

what is wrong with this machine? even after reset the username and password doesnt work anymore

I tried all the default credentials but still can’t get it… what am i missing here…

Enumerate more, enumerate more :wink:

@packetrider said:
!!! damnit! that was it… I had it from the beginning but someone / everyone changed the password.

This is basically typical problem of a small dXck. What can do a sad, rejected person with a small dXck? Spoiling others fun is the only option. I think you should demonstrate more empathy. Life of someone who always has to pay for ■■■ is not a piece of cake …

I tried that password like 20 times… now it works… this machine sucks…

I finally got this machine. Getting in is hard because the password keeps getting reset. I just got lucky.

This box sucks. I’ve got the password, it works then when I try the next part of the exploit the password no longer works. Even after a reset, a few min later the password no longer works. Total waste of time.

@murp said:
This box sucks. I’ve got the password, it works then when I try the next part of the exploit the password no longer works. Even after a reset, a few min later the password no longer works. Total waste of time.

It’s because the password gets changed by someone everytime…

Well, I am able to login to manager/status, but when I try those creds to manager/html, I got 403 immediately. If I try other credentials I was asked for usr:pwd again, so I assume there is something going on. WTF:D

Looks like it started working good.
There should be some monitoring for trolling in place.

Well, that was an easy one :slight_smile:

Anyone want to PM me a hint on this one? I’m new to this and I think this one should be easy but I can’t find a way to brute force the login page.

Hi n0bf, bruteforce was not the right way :slight_smile:
If you have find the login page, you can try to find information to connect without bruteforce

Where is the user.txt file it isn’t in public or admin desktop files, and they’re all that I can see.
Also people keep resetting my webshell, you cannot use it, goes to my lhost…

rooted :frowning:

probably the easiest host ever, a bit over 5 min. for all

2…txt is weak!!!

Wow that was too easy… :smiley:

can people not change the password…

basic enumeration will get you in