Any hint on how to get that shell up on page ? Note: I find my jpg when i upload it, just cant upload a functional php.
Strangeā¦
The most used method to gain root is not working anymore? xD
edit:
Nvm, rooted. lolā¦
@ntroot said:
Any hint on how to get that shell up on page ? Note: I find my jpg when i upload it, just cant upload a functional php.
Ah nvm. got it Why is it always when i post i get the answer by myself in next 5 minutes. LOL !
Get user credential but where can i use them? Looking for webapp but canāt find!
anyone willing to pm me and check my script/methodology on the app. Iāve had some connections back from the app, that then terminate? not sure whats going on?
Completed this machine if any one need help feel free to pm
Rooted
User: i used the first method on the first port would still work my way on the other method later
Root: was pretty easy and obvious
Keep it simple and donāt be too lazy
In terms of time travelling, Iām assuming altering the date is required. Is changing the time needed too?
I am lost in the file extension bypassing
any hint for that?
I have tried with different extension and modifying the content type
but none of them work
Apart from the unauthenticated way,
I have no idea on constructing the n***.*s query
Thanks in advance
@mystory20 said:
I am lost in the file extension bypassing
any hint for that?
I have tried with different extension and modifying the content type
but none of them workApart from the unauthenticated way,
I have no idea on constructing the n***.*s queryThanks in advance
same here. i can find my jpeg file with exploit script but stuck on bypassing the file extension filter ā¦ hints will be appreciated.
Thanks.
Are there any changes in the last hours ? I managed to upload and run a shell on this twice but after a reset, nothing seems to work. I already got user but while trying root i found that someone caused havok on the system.
I can find and call .jpg and i was able to upload .php too but stopped to work.
āupdateā
And of course the second I post another run actually works. Must have been bad luck with the server earlier.
I am having trouble with the upload and run shell one too. I think I know how to get around the filter, but I canāt even get a jpg or txt upload to work. Even with some time travel although the server header responses look like they match my system time anyway.
Now Im really confused. I used the REST alternative to get user and its hash (with one of the previous posts its easy). I cracked the hash and have also password. tried to log in via the lowest port and cannot. What am I missing?
Rooted. I used the obvious way.
If someone knows other ways to root please PM me so we can discuss.
mystified as to how everyone else is getting the script to return results
Iām having some bad luck with the VPN connection so my script fails intermittent.
Managed to get user, working on priv esc now
So Iām stuck on just getting user. I retrieved some creds from that high port service, logged into the web app using them.
Didnāt see much other than a little bit less blindness.
I did get a fixed up exploit to give me a helpful URL.
However I canāt seem to move past the filtering to execute my shellcode.
Should I have stuck with just the high-port service for getting a shell or is the web app the right direction?
Anyone have any php pages theyād recommend for filtering bypass ideas?
Iām assuming resets would also cover databases and that the challenge isnāt broken from others modifying it.
Fun box! My advice is to examine the upload code and the exploit code closely, and edit as needed ā might have to do some manual experimentation. After finding your shell, itās a quick step to root! Basic, basic enum.