when nmap -v u get 2222 open which is ESET use for connection between server and agent
tried to ./agen…sh --password= and ect but didnt work quite well
if someone could help pls tell us
Pretty cool box. First I found the wrong way to the root flag but today I figured it all out by myself. Was little tough for me but it is ineed a cool box. Whoever needs a hint lmk in PMS
@BlackArrow said:
I need some help…found usernames and decoded the code, ssh does not work that decoded password…Don’t know what to do…somebody help…
Think about what services are running on the system. Think about the creator. That’s how I got user, can’t help you with root though.
You said to think about the services running and the user who created. So I got that part, from other hints I got ‘more enum’ / ‘no brute forcing’ I already achieved the LFI and obtain some info … I won’t say what just in case it’s a spoiler. I am sort of a newbie. I really don’t want help … but can someone point in the right direction? I’ve scanned 1,000 ports should I can more?
I’ve run some LFI scripts to help me decode the shadow password path. I hope that wasn’t a spoiler. I looked for Xploits for the service that runs on p22. … I injected my own user request burp pro… man IF I can obtain user I’ll be grateful at this point. I hate asking for help!! any pm’s?
@BlackArrow said:
I need some help…found usernames and decoded the code, ssh does not work that decoded password…Don’t know what to do…somebody help…
Think about what services are running on the system. Think about the creator. That’s how I got user, can’t help you with root though.
You said to think about the services running and the user who created. So I got that part, from other hints I got ‘more enum’ / ‘no brute forcing’ I already achieved the LFI and obtain some info … I won’t say what just in case it’s a spoiler. I am sort of a newbie. I really don’t want help … but can someone point in the right direction? I’ve scanned 1,000 ports should I can more?
I’ve run some LFI scripts to help me decode the shadow password path. I hope that wasn’t a spoiler. I looked for Xploits for the service that runs on p22. … I injected my own user request burp pro… man IF I can obtain user I’ll be grateful at this point. I hate asking for help!! any pm’s?
You got LFI, that’s nice. Good job. You should stop overthinking this step, I know it might sound stupid because it is not possible for us humans to stop overthink. What I’m saying that it’s easy at that step. Simple enumeration will get you to the right path, enum again and again. PM me if you need any hint.
Sorry if I spoiled or anything.
may I get a hint, I already unzip the zip file and have the words in secret, also enumerated the port of service and got password but after login in this service I am still a normal user not root I need some hint