nvm
Got root.
People here are mentioning that they got access to d****l, which I never got, before getting root. I’d like to discuss about your approaches and methods! Feel free to PM and educate me
Helloo, I’m stuck in the privesc I can’t find that file with the password of d*****, I’m looking where the cms store the conf settings, but I didn’t see anything, I thought that is .P** file but I’m not sure. Any hint of where should I search?, or any keyword to use grep.
@w0xter said:
Helloo, I’m stuck in the privesc I can’t find that file with the password of d*****, I’m looking where the cms store the conf settings, but I didn’t see anything, I thought that is .P** file but I’m not sure. Any hint of where should I search?, or any keyword to use grep.
Perhaps you are looking at the wrong settings. A Google search will tell you the exact location for the file you are seeking
@securityNinja said:
@w0xter said:
Helloo, I’m stuck in the privesc I can’t find that file with the password of d*****, I’m looking where the cms store the conf settings, but I didn’t see anything, I thought that is .P** file but I’m not sure. Any hint of where should I search?, or any keyword to use grep.Perhaps you are looking at the wrong settings. A Google search will tell you the exact location for the file you are seeking
I’m looking inside v**/w**/h***/, is these dir wrong???
Got the file, but tried the contents in 3 ways found from scan and could not get in, hmm.
Can anyone PM me a hint - as far as I can tell I’ve decrypted the .enc file for a password but I have no clue what user / where I’m meant to actually use it…
I need help with privilege escalation could someone please guide me
Would anyone mind giving a nudge on where to find the pw for D*****. Got a reverse shell on the machine and ive looked through any file that i can come to think of.
Thanks
@stigxenon said:
Would anyone mind giving a nudge on where to find the pw for D*****. Got a reverse shell on the machine and ive looked through any file that i can come to think of.
Thanks
var/www/html/sites/default
Try hope yoy found
i got. root if u need help. pm me . but pls send your messages on main page.
Any hint for user? I already know FTP allows anon logins, but there are no files… only a folder “messages” with nothing inside of it.
@Ac1d0 said:
Any hint for user? I already know FTP allows anon logins, but there are no files… only a folder “messages” with nothing inside of it.
Check the folder again.
–NVM
Well, even If I enable the passive mode on my FTP I’m getting no file in the dir “messages”… IDK
@Ac1d0 said:
Well, even If I enable the passive mode on my FTP I’m getting no file in the dir “messages”… IDK
maybe the file is not directly visible?
@scp said:
@Balzabu said:
Well, even If I enable the passive mode on my FTP I’m getting no file in the dir “messages”… IDKmaybe the file is not directly visible?
That’s a nice hint, but I’m stuck the same… I also tried activating the “passive” mode but nothing to do
Dont have any clue of what to do on hawk. Can anyone give me an initial foothold?
*logged to ftp as anonymous user
*ftp is empty
*site runs Drupal 7.58?
*found an drupal exploit, but must be authenticated
@4tl4a5 said:
Dont have any clue of what to do on hawk. Can anyone give me an initial foothold?*logged to ftp as anonymous user
*ftp is empty
*site runs Drupal 7.58?
*found an drupal exploit, but must be authenticated
Sure that FTP is empty?