Frolic

If anyone can send me a message with the initial foothold, did some enumeration but can only find 5 TCP Ports open, and unsure on where to go from here. 1 UDP port too. Any help would be great

I’m stuck on the /asdiS********* code. I decoded it and it gave me a bunch of random characters and index.php twice. I read it is something with magic numbers, but I can’t figure out what to do next.

@SilkySparrow said:
I’m stuck on the /asdiS********* code. I decoded it and it gave me a bunch of random characters and index.php twice. I read it is something with magic numbers, but I can’t figure out what to do next.

If you decode it and save the output to a file, what type of file is it?
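The check suggested in the reply above, as an added example that is not part of the thread: decode the base64 text, then compare the first bytes against known magic numbers. The function names and the sample input are assumptions; the sample is a constructed archive, not the data from this box.

```python
import base64
import binascii
import io
import zipfile

# Well-known leading "magic numbers" for a few common file formats.
MAGIC = [
    (b"PK\x03\x04", "zip"),
    (b"\x1f\x8b", "gzip"),
    (b"BZh", "bzip2"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"%PDF-", "pdf"),
    (b"\x7fELF", "elf"),
]

def decode_b64(text):
    """Decode base64 copied from a web page: strip whitespace, repair padding."""
    compact = "".join(text.split())
    compact += "=" * (-len(compact) % 4)
    try:
        return base64.b64decode(compact, validate=True)
    except binascii.Error as exc:
        raise ValueError(f"not valid base64: {exc}") from None

def sniff(data):
    """Return the format whose signature starts the data, else 'unknown'."""
    for magic, name in MAGIC:
        if data.startswith(magic):
            return name
    return "unknown"

def make_sample():
    """Constructed input (not the box's data): a small archive, base64-encoded
    and wrapped at 40 columns the way a browser copy-paste often is."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "constructed sample\n")
    b64 = base64.b64encode(buf.getvalue()).decode()
    return "\n".join(b64[i:i + 40] for i in range(0, len(b64), 40))

if __name__ == "__main__":
    data = decode_b64(make_sample())
    print("type:", sniff(data))
    # A member name is stored twice in this format (local header and central
    # directory), so it shows up twice among otherwise unreadable bytes.
    print("name occurrences:", data.count(b"note.txt"))
    with open("decoded.bin", "wb") as fh:  # then confirm with `file decoded.bin`
        fh.write(data)
```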

I did something really stupid on this box. I got the user a few months before. Now I only have the “Password” stored in my notes. I forgot the username to log in with.
I still had to root the machine. You can visit my profile if you find something wrong.
If anyone is willing to help, it would be great.
You can ignore this if it seems like nonsense to you.

How to find the address? Because there is no g** installed. Any hint?

All you need is a tool to list dynamic dependencies and probably grep to find the offset to the gadgets you need, and you have your address. That’s possible because A**R is disabled.

root

I am having a hard time decoding the .?! message, can anyone point me in the right direction? I’ve visited the dcode website, but still no luck in decoding the message.

Thanks in advance

How to proceed after the initial nmap scan!!! I tried to log in with some username and password on the node-red webpage, but either it goes into infinite or shows login failed! Any hint?

@wish said:
How to proceed after the initial nmap scan!!! I tried to log in with some username and password on the node-red webpage, but either it goes into infinite or shows login failed! Any hint?

Node red is a rabbit hole. Try and find a way to see what other directories are there on the web server. One must be useful.

Hey, I’ve gotten a shell on this box and I see from the nmap scan that ssh is available. Is there any way to use ssh to log into the box? The dir that provides the rce always freezes, and the rev shell drops way too easily

@drywaterv2 said:

@wish said:
How to proceed after the initial nmap scan!!! I tried to log in with some username and password on the node-red webpage, but either it goes into infinite or shows login failed! Any hint?

Node red is a rabbit hole. Try and find a way to see what other directories are there on the web server. One must be useful.

@drywaterv2 found those characters hard to decode, any idea? I am googling it but no luck as of now! Thanks for your suggestion above.

Decrypted the first part…now on second part!!!

How to decode the second part, any hint!..

Decoded second part and got new string…

How to use id********, trying to bruteforce web pages!!! Any hint?

@wish said:
How to use id********, trying to bruteforce web pages!!! Any hint?

I’ve sent you a PM. :slight_smile:

I am getting this weird error when going for root: "bash: [1658: 1 (255)] tcsetattr: Inappropriate ioctl for device". Any idea or hint on this?

User!!!
Any hint for priv esc!..

Edit: rooted

0c70b3r is a big hint!!

Rooted this machine. If anyone needs help, feel free to PM :slight_smile:

Can anyone PM me regarding the initial !??!! message? I have looked into the whole zookeeper thing and EL but come up empty. I managed to find a B*F variation that uses the “?” symbol but am not finding a decryptor.

EDIT: Got User…will work on root tomorrow…that first part is draining…took me a while.

I got a problem with the b4 decode of the second string. When I paste it in a .z** file and try to u it, I get an error. Can anyone PM me so that I don’t post any spoilers here?

Edit: fixed :expressionless:

@Baikuya Thank you