Vault

Reset incoming. Its epic slow

It’s okay-ish on EU Free 1 for me :slight_smile: Meantime I found a file in one of the directories that gives a 200 :slight_smile:

@janewilde did you use a short, medium o large dict?

Stuck in the vault …

found login page. but tried with s*l. doesn’t work… any hint?

still on enumeration
it is slow af

the box seems so fragile.
from nmap to directory enumeration i have different results on every scan i run

WTF how do you find out these things? I tried gobuster with medium directory but nothing yet…

@NicoF2000 said:
WTF how do you find out these things? I tried gobuster with medium directory but nothing yet…

Gobuster can’t find everything.

did you run nmap on ALL ports???

Hmm, I’m logged in to the server but can’t find user.txt…

@s1gh any hints how did you got shell without any spoiler?

Is there any reason why gobuster wont find any pages?

@barango said:
Is there any reason why gobuster wont find any pages?

Yes there is

i got ssh session trying lateral movement

@gudj4qu3r said:
@s1gh any hints how did you got shell without any spoiler?

Kinda hard giving a hint without spoiling. But continue enumerating.
You should be able to find an interesting page.

gobuster works just fine, you just have to search for the right thing.

Guys, after this machine is reset, please give it about 10-15 minutes for it to come back and be ready for your torture. Anything you do before that will be pointless and will just delay the boot time further.

where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

@Opaque said:
where are you guys getting your dict files from? I have used the /usr/share/wordlists/dirb/common.txt and /usr/share/wordlists/metasploit/namelist.txt with gobuster and only found a few things. is there a better dict that i can use?

(sorry this is such a noob question, Im pretty new to this. i even had to look up gobuster because i hadnt heard of it before lol)

You can try “directory-list-2.3-medium.txt”.