Hawk

who else got this error? Wrong user name or password [280-196] 280/28**0 (Help)

this box was easy. if you guys need help PM me on the main site and not the forum

@agnarus said:
who else got this error? Wrong user name or password [280-196] 280/28**0 (Help)

i do not know the reason but this was not the wat to get the PE.for PE, poison+exploitDB will help you.

Got user, onto root!

edit: rooted, what a fun box!

Rooted months ago, searching for alternative ways of rooting, please pm me if you’d like to discuss about it

I now logged in as user “D*****”, did the P*** F****** and then tried to use the credentials found but it says wrong username/password. Badly stuck at this point from so long. Any hint on how to proceed further please?

Great box! I learned some things about my ftp client (I thought it was better than it actually is) and the privesc was really cool :slight_smile:

I am trying to decrypt but the tool I am using is saying “.enc is not a salted xxxxxfile.”

???

ok I was able to get root … but now I am stuck in the console shell without any possibility to get root.txt … nudge me via pm please ! this is driving me nuts :-1: nice box by the way

How to decrypt the file… help please

<< redacted >>

Can anyone give me a nudge on this box? Got user and I am stuck now. Thank you.

Edit: Rooted. Another interesting machine.

rooted, really fun box! thanks @mrh4sh . Feel free to pm me if needed :slight_smile:

Rooted, finally! Good box.

Just rooted it, finally. Awesome box. Thanks :slight_smile:

I think I’ve kind of done this box backwards, but at any rate, can someone tell me what the ■■■■ the secret to the p21 is? I just see messages with what appears to be nothing in it. But we all know this is not possible!

I’ve enumerated the ■■■■ out of the box and looked at some configs, browsed over the h20 port, got some ssh usernames, etc. I guess I wanna do the box right and get this enc file from FTP.

Edit: Learn a new FTP command everyday :slight_smile:

Thanks!

nvm

Got root.
People here are mentioning that they got access to d****l, which I never got, before getting root. I’d like to discuss about your approaches and methods! Feel free to PM and educate me :slight_smile:

Helloo, I’m stuck in the privesc I can’t find that file with the password of d*****, I’m looking where the cms store the conf settings, but I didn’t see anything, I thought that is .P** file but I’m not sure. Any hint of where should I search?, or any keyword to use grep.

@w0xter said:
Helloo, I’m stuck in the privesc I can’t find that file with the password of d*****, I’m looking where the cms store the conf settings, but I didn’t see anything, I thought that is .P** file but I’m not sure. Any hint of where should I search?, or any keyword to use grep.

Perhaps you are looking at the wrong settings. A Google search will tell you the exact location for the file you are seeking