stuck on getting initial foothold. Found some interesting files and ports, but I’m not getting anything when trying to connect/interact with them. does anyone have some references that would be helpful?
Edit: nvm my syntax was off. If you are stuck where I was check out ippsec’s video on Sneaky
Hello everyone, i understand i need to use a bgp hijacking technique cause quagga service is running and tcpdump to intercept traffic passing through the router but i don’t know how to do it. May someone help me ?
I’ve been playing around with the router service, changed the conf, and can telnet to the device but not sure where to go from here. I’m familiar with the routing protocols in use (at a Network+ level) but I’m pretty much stuck. Can I PM someone for some assistance? Thanks!
Hey can anyone give a hint for RCE? I know it has something to do with c**k parameter but can’t figure out how to use it (checked Testing for Command Injection (OTG-INPVAL-013) - OWASP ) but just can’t seem to figure out how…
Edit: Got user, thanks @AverageJuan for the hint
@opt1kz said:
I just started poking at it, so I’m still enumerating and working on user. Is the serial number thing a dead end? Edit: It is not a dead end. Just had to enumerate more.
Stuck at this point.
Edit: Got it
Hey I am stuck at this point too, can you PM me a hint?
Hey would anyone be willing to PM a hint with priv sec. I understand I have to do use B** h*ing using q (I believe using vt**h) but I have no idea what to do…
Wow, finally was able to get the root flag. If you’re not well versed in networking, this will be a very challenging priv esc. There were a bunch of times that I wanted to give up because I wasn’t sure why things weren’t working – turns out, I just needed to try harder.
I’m very close on this one. Redirection complete, I have interesting traffic coming to me and I’m able to capture it, but I’m only seeing the first part of the 3 way thing - any hints?
After hours pulling my hair out, using nmap scripts, metasploit modules and every variation of the output of the port as a password - it came to me…find a tool you haven’t used before! hey presto I’m in and off and running. Amazing what a walk to clear the head can do
hi, i obtained the user flag quite quickly, but i cannot get the reverse shell.
i can the reverse connection, but it keeps dropping. on the other hand the nc version used does not allow me to use the -e or -c switch…
any help here?
or maybe i don’t have to get reverse shell to take care of mentioned african animal?
Hello someone have a hint after the login to the admin web page ? . I want to get user access on the machine but the password is not the same when I try ssh connection . Help me please , i’m stuck for hours ^^