@SilkySparrow said:
Im stuck on the /asdiS********* code, i decoded it and it gave me a bunch of random characters and index.php twic ,i read it is something with magic numbers but i dont figure out what to do next
if you decode it and save the output to a file, what type of file is it?
I did something really stupid on this box.I got the user few months before.Now i only have the “Password” stored in my Notes.I forgot the username to login with.
I still had to root the machine.You can visit my profile if you find something wrong.
if anyone is willing to help it would be great.
You can ignore if this seems nonsense to you.
All you need is a tool to list dynamic dependencies and probably grep to find the offset to the gadgets you need, and you have your address. That’s possible because A**R is disabled.
I am having a hard time decoding the .?! message , can anyone point me in the right direction? i’ve visited dcode website , but still no luck in decoding the message
how to proceed after initial nmap scan!!! i tried to login with some username and password in node-red webpage but either it go into infinite or shows login failed! any hint
@wish said:
how to proceed after initial nmap scan!!! i tried to login with some username and password in node-red webpage but either it go into infinite or shows login failed! any hint
Node red is a rabbit hole. Try and find a way to see what other directories are there on the web server. One must be useful
Hey, I’ve gotten a shell on this box and I see from the nmap scan that ssh is available. Is there any way to use ssh to log into the box? The dir that provides the rce always freezes, and the rev shell drops way too easily
@wish said:
how to proceed after initial nmap scan!!! i tried to login with some username and password in node-red webpage but either it go into infinite or shows login failed! any hint
Node red is a rabbit hole. Try and find a way to see what other directories are there on the web server. One must be useful
@drywaterv2 found those characters hard to decode any idea i am googling it but no luck as of now! Thanks for u r suggestion above
Can anyone PM me regarding the initial !??!! Message? i have looked into the whole zookeeper thing and EL but come up empty. i managed to find a B*F variation that uses the “?” symbol but not finding a decryptor.
EDIT: Got User…will work on root tomorrow…that first part is draining…took me a while.
i got a problem with the b4 decode of the second string. When i paste it in a .z** file end try to u it, i get an error. Can anyone pm me so that i don’t post any spoilers here?