Europa Initial Foothold

2»

Comments

  • Hi i am stuck on the admin portal.Can i ping someone about it??

  • Bypassed the admin portal, also knows what exploit to use to get initial shell, but don't know how to use that exploit. Please guide me a little bit.

  • Everyone is saying the bypassed the admin portal. Does this bypassing involve burpsuite, or is burpsuite used after the bypass? redirects bypass?

    alt text

  • @whipped you can use burp suite but you don't need to.

    I'm stuck in the admin portal. Working on a certain component but haven't been able to get much farther yet. I've enumerated other directories, and limited content within one of those directories. Sitting at a stand still at the moment though. Tried some stuff on the page that accepts input, but nothing yet.

    I'm confused when some people are saying you 'stare at burp for hours'. Because you're enumerating (brute forcing) directories / components? Or you're sending requests on a certain page?

  • this was a confusing box. I think I paid to much attention to the comments here, burpsuite all day etc.. there is a much easier way getting the initially foothold on this box. Priv.esc is easy.
    :astonished:

    A113n

  • @kophjager263 said:
    @whipped you can use burp suite but you don't need to.

    I'm stuck in the admin portal. Working on a certain component but haven't been able to get much farther yet. I've enumerated other directories, and limited content within one of those directories. Sitting at a stand still at the moment though. Tried some stuff on the page that accepts input, but nothing yet.

    I'm confused when some people are saying you 'stare at burp for hours'. Because you're enumerating (brute forcing) directories / components? Or you're sending requests on a certain page?

    Just out of curiosity, I'm enumerating the directories I've found using the 2.3-medium wordlist that comes with kali. Are there better wordlists I should be using?

    alt text

  • "burp all day" is meant to get you to focus on what's actually going on here and you'll most likely never catch the actual parameter to use your payload against without burp. Or maybe you will, idk.

    likwidsec

  • @whipped, not sure. I found a variety of directories but I'm not entirely certain there is anything of significant value in any of them. I found one file within one of the directories (0 byte) nothing seem to be useful to me at the moment. The entry point, once you've accessed the admin panel, will be one of those readily obvious components.

    @likwidsec, thanks for that. I'm sure i will facepalm myself shortly LOL.

  • edited November 2017

    My Burp installation is broken, do you think it is feasible to use OWASP ZAP instead of Burp?

    ** update ** never mind, got burp working again

    Hack The Box

  • Im stuck at the admin portal. performing sql injection burp repeater is providing some(many) 32 bit hashes, but none of them are working . any hint?

  • any hint about how to using burp to pass the admin-portal?
    I have no experience with burp or there is any way without using it.

    zztczcx

  • @zztczcx said:
    any hint about how to using burp to pass the admin-portal?
    I have no experience with burp or there is any way without using it.

    Burp is one tool to use.
    You could try other proxy tools, like Tamper Data. Maybe this is for you.
    Think on what happens on the client /server side on a login page.

Sign In to comment.