@pzylence said:
for those who are stuck where to go after getting first login page:
if [SPOILER]. then rest is how you enumerate.
I think that it is a major spoilerā¦ When there is too much info from enumeration and the comments here.
Is saying something is a spoiler even more of a spoiler since it confirms the spoiling?
āThe Spoils of the spoiler can not be his by rightā
-Dante Alighieri, Divine Comedy Canto XIII Ln 105
@pzylence said:
for those who are stuck where to go after getting first login page:
if [SPOILER]. then rest is how you enumerate.
I think that it is a major spoilerā¦ When there is too much info from enumeration and the comments here.
Is saying something is a spoiler even more of a spoiler since it confirms the spoiling?
āThe Spoils of the spoiler can not be his by rightā
-Dante Alighieri, Divine Comedy Canto XIII Ln 105
Yeah Iām deep in a hole on this one. Too far in to explain here, Would love a PM from someone who has root so I can explain where I am at.
UPDATE: trickster0 is a freaking Sadistā¦ and I love him for it.
Got root, AMAZING box, Lots of face bashing, learned a lot, so many well put together layers.
I think iām missing something after logging in to the first page. Iāve found something else that I think might be a key but it doesnāt work for me, it may be that my calculations are wrong or iām just going in the wrong direction.
If someone could kindly PM me so i could ask a couple of questions iād be thankful!
Hi all, like other users I am stuck at the second login page. I pretty much tried everything basic, so I think I am sticking to the basics Anyone wants to exchange ideas with me in PM?
@kecebong said:
Iām stuck at web protected page with 2 creds on the page, tried to bruteforce with those creds, none are working. Found 2 tcp and udp. Anyone can shed some lights whatās the next step?
Thank you
trickster0 , you really made us work for the flags man!!!
Anyway, guys, give you guys some directions.
On the initial foothold, if you realised you only have 2 ports, try all ports including the ones we donāt usually scan.
Once you discover that port, go dig it, thereās useful info there. (Skip Sitting by the dock of the bay, thatās wastinā time).
You will discover thereās some service that is running that you canāt find where it connects, think of an internet standard was established on 14 July 2017
Once you connect to the service, you need to think what commands to run to show certain files at certain directories.
When you try to privesc, try to run certain command to understand what certain users cant do and what other users can do.
Browsing the authorās github may help in one step of the process.