trying to connect via my*** in localhost with a shell, got by rce, show me no output (should show me shell for type s** queries). It does not return me credentials error or any other kind of error but nothing it’s shown…
Hi Hope all of you are well. I need help. The username for the Webpage Login is G****, I have the password and I know there is a missing letter that needs to be added. I used Bp and H* to find the correct password with no luck. Please can someone PM me
@Morf said:
Hi Hope all of you are well. I need help. The username for the Webpage Login is G****, I have the password and I know there is a missing letter that needs to be added. I used Bp and H* to find the correct password with no luck. Please can someone PM me
@Morf said:
Hi Hope all of you are well. I need help. The username for the Webpage Login is G****, I have the password and I know there is a missing letter that needs to be added. I used Bp and H* to find the correct password with no luck. Please can someone PM me
Use crunch command to generate password variations and hydra to bruteforce!
Very nice user challenge which is common in real life. Root was a pain in the a** for me… spend too much time asking myself obvious aspects of sy******.
A good box to learn some basic things in my opinion . Thanks @Gioo! <3
All the tips and hints in the firsts pages of this thread are more than enough to own this box, so I won’t tell anything more. If you need some hints because you get stuck, PM me, you are welcome
Also, thanks to all the mates who shared it’s time with me along my journey ( @Puru@EthicalHCOP )
I got root, but I think I did it in a less-than-ideal way. Anyone mind chatting about how you did it? For some clarity, the way I went about it, I had to reset the box right after so that I didn’t ruin it for anyone else…
@crisco said:
I got root, but I think I did it in a less-than-ideal way. Anyone mind chatting about how you did it? For some clarity, the way I went about it, I had to reset the box right after so that I didn’t ruin it for anyone else…
I think theres a lot of us who did exactly that and probably that is why there where soooooo many resets.
I think there has to be a more elegant -and non destructive- way because this is not good practice and of course not at all stealthy
I’m interested in creating a script for the initial foothold, be it bash shell or python.
The farthest I came is to create a q*** in m****e and from there on I been doing it manually -it was a terrible hassle every time-.
Anyone interested in talking about it just to learn?
I have a working scripted exploit for the initial shell access, if anyone is interested. I didn’t find a fully automated POC for this vulnerability anywhere (just a description of how to manually exploit it), so I’ve written this from scratch.
It’s able to trigger the vulnerability and clean up after itself. PM me if interested!
I started this 2 days ago, and got the initial login after about 7 hours of work. Pretty frustrated i missed it for so long after I found it.
I actually found the exploit for the initial shell before getting the creds too.
Problem is, now I’m struggling to get RCE because I suck at a certain language besides english, and I found out how to be evil, but trying to be a copycat, I found a robin type this-is-an-exploit-preventiob. lol
If anyone is willing to PM me and point me towards a good resource for getting better at the language I suck at I which is relevant for this system would really appreciate it.
Hey just a tip from my side: When you get your reverse shell: please please please daemonize the process using nohup.
Otherwise the service is blocked for others and people might try resetting for no reason.