@protsenko said:
> @tt0t3s said:
> I'm having a hell of a time trying to clone a repo. Is there some kinda trick to this that is different from how I would normally do this?
@tt0t3s said:
I'm having a hell of a time trying to clone a repo. Is there some kinda trick to this that is different from how I would normally do this?
nope. have a look inside the directory. there is a file where you can get the exactly url to use to clone it.
Can someone expound on how to narrow down where to look for vector for initial foothold? Dirbuster gave a lot of output so even just looking at the 200 response code is overwhelming 😴 to say the least. Every directory opens so far is bogus!!!
can someone pm me on initial foothold, i have the u*****e working recreated in my environment and had the hash file path working however keep getting 500 errors??
@protsenko said:
> @tt0t3s said:
> I'm having a hell of a time trying to clone a repo. Is there some kinda trick to this that is different from how I would normally do this?
Finally got root on this bad boy, by far has been the hardest box I've done and I really learned a lot. A day before it gets retired, just couldn't wait for that =P
Machine is super unstable. I was able to clone the git repo and find some info but still cant get user! AHHH! If anyone is willing to provide a nudge, please let me know
Good day guys, I got reverse shell but am having issues exploiting the db, got a particular db that I have access to but can't get datas out of it, hints on resources to check out??, Thank You
Hi all, I have a really strange problem. I am on to getting RCE. Wrote my exploit to get a reverse shell. When I execute it with my IP and Port as reverse IP and Port, I get a 500 Server Error. However, if I give any arbitrary IP (not mine), the exploit works. Has anyone an idea about what I'm doing wrong? Any hint is greatly appreciated
@Afolic said:
Box is retired just go read up the write up or check ipsec video on YouTube
I still want to do it on my own... What does retired mean, after all? It is still reachable, webserver still running. Does it mean, reverse shell is not possible anymore?
Comments
You have to enumerate a little bit more .
nope. have a look inside the directory. there is a file where you can get the exactly url to use to clone it.
Roooot, thanks all xD, PM if you need help
"
CCNP, CCNAx3
Just rooted. Really enjoy the journey!!.
Is some1 online right now to ask smth.I think im super close to first reverse shell but im stucked!!!I think i do smth wrong on encoding
can someone pm me on initial foothold, i have the u*****e working recreated in my environment and had the hash file path working however keep getting 500 errors??
(deleted)
this is the best clue ever,, thankyou bro
Finally got root on this bad boy, by far has been the hardest box I've done and I really learned a lot. A day before it gets retired, just couldn't wait for that =P
OSCP
Machine is super unstable. I was able to clone the git repo and find some info but still cant get user! AHHH! If anyone is willing to provide a nudge, please let me know
rooted! that was a wild ride! thanks @otaman for the nudge! Paying it forward, feel free to PM if you need help!
Hi all, I have a really strange problem. I am on to getting RCE. Wrote my exploit to get a reverse shell. When I execute it with my IP and Port as reverse IP and Port, I get a 500 Server Error. However, if I give any arbitrary IP (not mine), the exploit works. Has anyone an idea about what I'm doing wrong? Any hint is greatly appreciated
I still want to do it on my own... What does retired mean, after all? It is still reachable, webserver still running. Does it mean, reverse shell is not possible anymore?
Also, why do I get 500 only with my htb IP, not with others?