Wow, what a box! After two days of investigation and some hints I was able to figure what was needed. 2 days of continuous learning. As always the needed hints are in this forum.
is someone avaliable to PM me about privesc??? i have tried several times B** h******* with no success.
Could I get some help regarding B** P***** h*****ing, please. I read the “ColoState” page to get an idea about the process, but I am not sure how I can apply it. Cheers!
Login Bypassed
move to user
@AzAxIaL said:
Could I get some help regarding B** P***** h*****ing, please. I read the “ColoState” page to get an idea about the process, but I am not sure how I can apply it. Cheers!
Try to find out which configuration decides what you announce and play with it. Also use some tools to watch the traffic going around, to get a better understanding of sent packages.
Spoiler Removed - egre55
For priv esc, I’m able to t*pd**p after making certain modifications, and I’m able to see requests. What exactly are we looking for?
Hi guys,
I did the login, now I am in the web app, I inspected the code and found “check=” parameter and now I’m blocked. Some hint?
help please. Logged in into the front end but dir checker didn’t help me
ok, solved user flag. easy peasy
@sherl said:
ok, solved user flag. easy peasy
can you give me a hint? stuck after the login, tried to use the url to get a shell but no idea what to do
I found the c***k parameter and used the right encoding but I am still not getting any output or a reverse shell. Can someone PM me?
Guys if someone is willing to help, can you PM me.
I believe i’m getting very close to the final part and believe I have the concept in mind, but just can’t seem to put it into action.
for details: I already hijacked the B** Ro*** with Q*****.
@mabunemeh said:
Guys if someone is willing to help, can you PM me.I believe i’m getting very close to the final part and believe I have the concept in mind, but just can’t seem to put it into action.
for details: I already hijacked the B** Ro*** with Q*****.
I’m in the same position!
If someone could please discuss via PM, i’d be extremely grateful
Is it supposed to take a while after we’ve made the necessary change for continuing priv esc? I think I’ve done what I’m supposed to, but I’m not receiving traffic and it looks like the network is propagating through the wrong interface
Is anyone available to share a bit of guidance with privexec on this host. Unfortunately, my skill set in the needed area is a bit lacking and would I like to get a better grasp. I’ve read the documentation and understand the concept but I’m a bit lost on the actual implementation. Any feedback would be sincerely appreciated.