Mischief

Hi guyz, same here stuck at 2nd login page.

Update : got it!

How did you find 2nd login page?

Totally stuck with this.

Found the second login page; tried sqli, common user/pass combinations, created custom wordlist: no success
Found open udp port; tried some commands but I don’t get anything back, not even a banner so no clue what is going on there.
Also, I can’t understand the hints that were given here.

Some help would be really appreciated. And no enumerate more please! I think I enumerated all I could.

Hope I am not spoiling anything. Everything I said was already written by someone in this thread.

I’m stuck on the second login page as well. I’ve tried:

  • Credentials from the first login page, forwards and backwards.
  • Bruteforcing the password, with the username set to l**i and the two passwords as usernames.
  • Bruteforcing the username, with the passwords from the first login page.
  • Bruteforcing both the username and password.
  • All of the above with a custom wordlist based on all the words seen so far.

Neither nikto nor gobuster were able to find anything useful on the second server. I do not see any further clues in the log file from when I “took a walk”.

What am I missing?

@opt1kz said:
I’m stuck on the second login page as well. I’ve tried:

  • Credentials from the first login page, forwards and backwards.
  • Bruteforcing the password, with the username set to l**i and the two passwords as usernames.
  • Bruteforcing the username, with the passwords from the first login page.
  • Bruteforcing both the username and password.
  • All of the above with a custom wordlist based on all the words seen so far.

Neither nikto nor gobuster were able to find anything useful on the second server. I do not see any further clues in the log file from when I “took a walk”.

What am I missing?

Talk to me on MM. I am there with the same nick. I can help on this without spoiling the fun.

Those struggling with the 2nd login: they must not have enumerated a well-known service, or they didn’t bother to read every single line on that service.

Hi,
can anybody PM me? I’m stuck on priv esc.

Getting the root flag was very frustrating. Be sure you find all the passwords, or else you go nuts :)

Finally got root

This server is AMAZINGLY CRAZY. Rooted!

Rooted! One of my favourite boxes to date…

Epic palm face ending… haha.

@nyws said:
Epic palm face ending… haha.

Not sure about the ending but I am constantly facepalming.

I currently have no idea where I should even begin for root.

Ok - I think this box is awesome but I can’t decide if I love or hate the creators. So many twists.

Hi guys, for the http… basic-.---- n… at …6 tcp port is bruteforcing needed? Any hints to bypass it?

Guys, any tips by PM for the mischief user? It is my first time against HTTP basic auth. Maybe it is simple? Bruteforcing dirs is not working, and changing post/get param for a Let, maybe is getting 500 error…

@9999volts said:
Well, using the sn… enumeration, I did read in the enumeration result a high port listening on ud… but nmap says that it is filtered and “unknown”… How to know what service is running behind it? Is that port really open? Am I on the right path? I found an ipv…x packet in the enumeration result, but how to know the ipv…x number for this machine? Any hints would be appreciated.

Did you manage to get anywhere? I think I’m in the same boat as you at the moment.