Hawk

@jfredett said:
I’m quite stuck, I’ve got a reverse shell, and I was able to find creds to get into the DB, but if there is some file out there with d******'s creds in it, I haven’t been able to find it.

Still, not bad for only my first box without too much help. Any hints on where to look for d*****'s creds conf file? I’ve got lots of enumeration done, but despite how thirsty I am, I don’t think I’ll be able to drink any dihydrogen monoxide till I find out where these things are at.

Keep looking, there’s a file that contains some plaintext information. You have to actually read through it though, it would be easy to miss if you skimmed too fast.

Spoiler Removed - egre55

Spoiler Removed - egre55

Folks, go with your instincts and don’t worry about DaVinci Coding forum posts. That said there are a lot of good hints in here. Enumerate, use google, keep notes and you’ll be good to go. Nice job to the creators :+1:

Can someone ping me about decryption I want to run my commands by you and see what I am missing. Thanks

Happy to return the favor if you are stuck on something I have finished and want a nudge.

Can someone give me some hints on decryption, I’ve tried using openssl and it takes hours to go through rockyou.txt even with a multi threaded python script.

@hermajordoctor said:
Can someone give me some hints on decryption, I’ve tried using openssl and it takes hours to go through rockyou.txt even with a multi threaded python script.

I have tried bash loop with openssl and other tool, both yield no legible results with my settings. I am sure it is just a cli arg that has to be right but I have tried a lot of permutations of cipher and digest no progress yet, including with the Drupal7 encryption settings.

Maybe it is the wordlist?

cracked thanks to some help, not hard, just requires a working version of o*****l :astonished:

Must be blind by now got user.txt but cant secure myself to the other side must overthinking it and i like aliases but im in the cloud there too…as goes for www-data got that shell atm but privesc from that seems too unachievable for my skills level…hints would appreciated trough pm thanks anyone

I’ve got the user flag and d***** password, I can’t figure out the priv esc. Please dm hints.

Edit rooted

@inspek said:
Must be blind by now got user.txt but cant secure myself to the other side must overthinking it and i like aliases but im in the cloud there too…as goes for www-data got that shell atm but privesc from that seems too unachievable for my skills level…hints would appreciated trough pm thanks anyone

nvm got the creds needed to secure m yself on the other side , python console now comes the h20 path

Finally got root!

could someone help me out on this? i know what to do and i (assume) i know how to do it but i encounter strange permission problems and the tools i’m using behave weirdly. i’d just like to know if i’m doing it wrong, i got user and h2 console access. it just doesn’t like me and yeah ,i could try other stuff but i’d like to not use metasploit. don’t get me wrong it’s a powerful tool but it’s also very obscure sometimes and i’d rather take the rocky road and figure it out (unless it’s 1500 lines of bash script because f**k that noise)

help me getting the user… Hint PLease!

How to to get enc file…?

@horrorshow1984 said:
could someone help me out on this? i know what to do and i (assume) i know how to do it but i encounter strange permission problems and the tools i’m using behave weirdly. i’d just like to know if i’m doing it wrong, i got user and h2 console access. it just doesn’t like me and yeah ,i could try other stuff but i’d like to not use metasploit. don’t get me wrong it’s a powerful tool but it’s also very obscure sometimes and i’d rather take the rocky road and figure it out (unless it’s 1500 lines of bash script because f**k that noise)

I’m in the same boat as you. Did you make any more progress?

@ThMgnfcntStnr said:

@horrorshow1984 said:
could someone help me out on this? i know what to do and i (assume) i know how to do it but i encounter strange permission problems and the tools i’m using behave weirdly. i’d just like to know if i’m doing it wrong, i got user and h2 console access. it just doesn’t like me and yeah ,i could try other stuff but i’d like to not use metasploit. don’t get me wrong it’s a powerful tool but it’s also very obscure sometimes and i’d rather take the rocky road and figure it out (unless it’s 1500 lines of bash script because f**k that noise)

I’m in the same boat as you. Did you make any more progress?

You and horrorshow1984 PM me, I’ll see if I can help

got it! thanks to @inspek!

Getting annoyed with Hawk, someone keeps Dossing the portal. Keep getting WARNING: Failed to daemonise. This is quite common and not fatal. Connection refused (111)

Rooted. PM if you need help

@hermajordoctor said:
Getting annoyed with Hawk, someone keeps Dossing the portal. Keep getting WARNING: Failed to daemonise. This is quite common and not fatal. Connection refused (111)

same here … please dont Dos the portal