@alrightalright said:
On foothold:
Does anyone else get a positive hit on hydra but the login doesnt work? Ive never seen this before sorry if stupid question
not a stupid question but was asked already multiple times
I won’t hand it to you, sorry - go back in this topic and you will find it
@alrightalright said:
On foothold:
Does anyone else get a positive hit on hydra but the login doesnt work? Ive never seen this before sorry if stupid question
not a stupid question but was asked already multiple times
I won’t hand it to you, sorry - go back in this topic and you will find it
Right hahah, seeing now that hydra isnt the way to go. Ill guess some
@sesha569 said:
Got the reverse shell. But not able to navigate to home or any folders. So any hints here appreciated. Thanks
What user are you? As mentioned in this thread - the right place and user can see home folder. If you can’t - you are in the wrong place. Zabbix is quite specific…
i’m able to execute code both on server and agent, but unable to got a stable rev shell, due to timeout…
found also a my**l credential, but unable to login on the db from server…
Lost a lot of time on initial foothold and I can’t say I learned anything new on that part. Remove if you consider this a spoiler. The hint regarding “a typo in a word while logged as Guest” refers to an unusual name compared to the machine’s name. You can’t miss it. Pay attention to “case sensitive” and you will know you got it right when a different message than “incorrect password” will be shown. The password for that unusual “typo” user is at simple as possible, so just guess it, no brute-force needed. Feel free to PM me for that part.
Anyone able to PM me I would be grateful. I have what looks like a successful exploit but cant find any documetation on the CLI. A point in the right direction would be appreciated
I got the reverse shell but for the z****, can’t access anything. I think i am at wrong place ,
if i am on right track then please PM me. Need urgent help plzzzzzz.
I just wanted to post and say how much I enjoyed this box and learned some really cool vulnerabilities and exploits about the service used as well as the method of priv esc. We need more boxes like this!!
Hi, i enumerated correct username and password, i installed z*****-cli and i can run some commands but i can not run any scripts. Is there are a way to bypass gui access or reset admin password?