Zipper

Finally got root! Learned a bunch… thanks to @copt and @takeiteasy for the nudges

Any help on PM for sources on what to do after reversing the interesting file would be much appreciated. Kinda new to pentesting here.

Type your comment> @mannubb said:

Type your comment> @sherrymi said:

GUI deny access。what happen?i need help

If not gui, find the cli.
i can not find cli。my god。how to use 10500 port

Type your comment> @sherrymi said:

Type your comment> @mannubb said:

 Type your comment> @sherrymi said:
 > GUI deny access。what happen?i need help

 If not gui, find the cli.

i can not find cli。my god。how to use 10500 port

Search za*****x-cli

Really loved this box!
you did a great job @burmat

Thanks for the fun!
:wink:

Driving me nuts with the resets today :frowning:

Type your comment> @mannubb said:

Type your comment> @sherrymi said:

Type your comment> @mannubb said:

 Type your comment> @sherrymi said:
 > GUI deny access。what happen?i need help

 If not gui, find the cli.

i can not find cli。my god。how to use 10500 port

Search za*****x-cli

Thank you! i get user

Type your comment> @mannubb said:

Type your comment> @sherrymi said:

GUI deny access。what happen?i need help

If not gui, find the cli.

i need root?can u give me some help?

Type your comment> @sherrymi said:

Type your comment> @mannubb said:

 Type your comment> @sherrymi said:
 > GUI deny access。what happen?i need help

 If not gui, find the cli.

i need root?can u give me some help?

Enumeration should identify the likely candidate.
Strings it.

Type your comment> @mannubb said:

Type your comment> @sherrymi said:

Type your comment> @mannubb said:

 Type your comment> @sherrymi said:
 > GUI deny access。what happen?i need help

 If not gui, find the cli.

i need root?can u give me some help?

Enumeration should identify the likely candidate.
Strings it.

i am not understand。sorry

In the final step to root there is a command injection, however not letting pwn the box. Looks like a decoy and distraction -:slight_smile:

In general the Box was very nice.

Is it just me, or does the box keep acting weird by not showing the user’s home directory?

Finally rooted after kicking myself repeatedly for amateur mistakes. Here’s my hints (Please PM me if there are spoilers, and I’ll edit.)

Initial: Don’t be content with the default wordlists during your initial enumeration, especially with dirb. Read every message you can find that can give you a way in. Go back to absolute basics when trying to determine passwords. Documentation is your friend. There may be more than one way to access and control a system.

User: Can’t find what you want? Are you sure you are in the right place?

“How would you know the difference between the dream world, and the real world?”
– Morpheus.
When you are in the real world, there’s no place like 127.0.0.1 for hints on elevated access.

Root: Stay where you are. Let the u**** be your puppet

I know I’m using a lot of cryptic messages, but as one of my previous posts was removed, I had to be slightly more vague.

Feel free to PM me for more concrete hints.

Hello guys,

After some struggle I was able to get a reverse shell using the exploit.But I’m logged in as “Zabbix” how to jump to “Zipper”.

Please PM me…help would be appreciated…thanks in advance !!!

Hey guys,
I managed to get a rev shell, currently working on the user and I am very stuck in what I presume to be a d***** e*********t. This may be an irrelevant rabbithole but if you have any resources that could point me in the right direction that would be much appreciated, cheers.

Type your comment> @deathflash1411 said:

Hello guys,

After some struggle I was able to get a reverse shell using the exploit.But I’m logged in as “Zabbix” how to jump to “Zipper”.

Please PM me…help would be appreciated…thanks in advance !!!

I’m in the same boat with @deathflash1411. Please PM me for a little kick

Type your comment> @Aoxomoxoa said:

Type your comment> @deathflash1411 said:

Hello guys,

After some struggle I was able to get a reverse shell using the exploit.But I’m logged in as “Zabbix” how to jump to “Zipper”.

Please PM me…help would be appreciated…thanks in advance !!!

I’m in the same boat with @deathflash1411. Please PM me for a little kick

Explore Zabbix Admin GUI

Could someone PM me a hint on initial foothold?
Can’t seem to a guess user/password from the webapp I have access to.

Can someone help me to get tty ?

I’ve been at this box for days now. I have a reverse shell but it’s in the “wrong place” I’m going crazy. I’d like to finish this box before it gets retired. Any small tip how to get to the “right place” would be greatly appreciated.