Mischief

I found an interesting port open but have not been able to bypass it; tried everything, just got a 501 error.
Is the bypassing required or do I need to look elsewhere?

Stuck on that login page

@dmknght said:
I always get timeout error.

Same problem: after several bad auth on the web server, it looks like fail2ban or equivalent is filtering my connection to the http server…

you can get the login for the webserver when you enumerate a bit more…

Got past the login page, however stuck because the information I located did not grant a user shell. I am going to reset and see if the password got messed up somewhere, but I am trying to figure out next steps if someone has a hint.

Had the same idea… but that didn’t do anything :frowning:
so back to the drawing board as to next steps…
understand from some comments mild guessing is needed… but can’t seem to match the hints :frowning:

IoT login: you have to scan all ports

so after scanning “ALL” the ports I am at another login page… now what to do there…

https://i.imgflip.com/2dqn6k.jpg :frowning:

What's with this box? Found the credentials, logged in, tried stego on the image, tried a couple of things to be honest. What is this, should I consult the oracle or something?
It's one of those types of boxes that “requires more enumeration”, I guess.

@avetamine said:
What's with this box? Found the credentials, logged in, tried stego on the image, tried a couple of things to be honest. What is this, should I consult the oracle or something?
It's one of those types of boxes that “requires more enumeration”, I guess.

yep… enumerate more…
did you look at the SNMP info very well? any processes that pop out?

That was a fun box… learned quite a few things…
Not sure if I rooted it correctly… but did find the flag :slight_smile:
thank you @trickster0

@p3tj3v said:
That was a fun box… learned quite a few things…
Not sure if I rooted it correctly… but did find the flag :slight_smile:
thank you @trickster0

There was a previous box which had the exact same technique to get root. Ippsec made a nice and informative video about that, I suggest you take a look.

@artikrh said:

@p3tj3v said:
That was a fun box… learned quite a few things…
Not sure if I rooted it correctly… but did find the flag :slight_smile:
thank you @trickster0

There was a previous box which had the exact same technique to get root. Ippsec made a nice and informative video about that, I suggest you take a look.

And another one still active with almost the same technique (well, same principle, different program) :slight_smile:

I’m at work, but yeah, so far lots of fun with this box, can’t wait to get home tonight and follow up with what I found.

root flag got a cryptic message that got me confused… PM me please

EDIT: Perhaps that reflects the name of the box though…nice one @trickster0

So I got the creds, none of which work on SSH. I have tried dirbuster as an authenticated user… No luck… Tried a couple more angles but haven’t found anything to move forward. Any kicks would be great.

@dajuiceyone615 you need to contact the apache server

Weird, I have not seen an Apache service running on that box, but I will keep digging.