Carrier

If anyone needs hint for user pm me …

I am stuck at root … I dont have much knowledge with networking n all …should i try rooting ? spend some time but reaching no where …any hint is appreciated …thanks

I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.

Many Thanks

Type your comment> @Gh05tR1d3r said:

I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.

Many Thanks

You’re on the right track, look at the parameters of your burp intercept, and check this out: Reverse Shell Cheat Sheet | pentestmonkey

Feel free to PM me :slight_smile:

Rooted, Best box so far! :slight_smile:

Type your comment> @Gh05tR1d3r said:

I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.

Many Thanks

Hi
Do not give up … If you still need some direction pm me

thanks

Is tcpdump working correctly on the carrier box ?
I am not seeing any packets when i ping the ip from another shell of the same machine

Could you please show me a direction in privesc for carrier ?

I read about B** and A* .I understand that we have 3 As and our machine is in A1** …

Its using q***** service with B** …
I read from the t****** and found about the V** issue of connecting to an F** to 10.****** network .
I added the entry " network ******* " b**.c*** as
And use nc to listen …

I know i am missing something here …Am i in the right direction .It would be great if you give me a hint

thanks

Hi
I think I am very near …
I have the f** req captured using nc …I tried setting up p***** F** ser*** . but couldnt succeed…tc**** is not showing any data

Any help is appreciated ! My head is burning LOL

Wow …What a machine …
Finally rooted with help from many …
Learned a lot …Happy that i could root this !!!

Happy to help

Hardest box I’ve been doing so far. Finally rooted that b*tch. Thanks a lot to @snowscan for making this, I learned a TON of new stuff.

User is easy and there is plenty of hints already in this thread ; as for root, there are quite a few gotchas on the way to root.txt.

Some things that messed with me for some time : if you change the .conf of a service, be sure to write it and/or to restart the associated service so it gets accounted. Also, interface changes can be your friend. And last, but not least : be polite, say HELO.

Thanks a lot to @f1ndm3 and @Downloading for confirming I was on the right path, as well as @Xess , with whom it was quite fun to work :slight_smile:

Hii! I need some help with user.txt. I had access to panel administrator, i can see the page: diag******* and the check parameter. ??

Type your comment> @capitantrueno said:

Hii! I need some help with user.txt. I had access to panel administrator, i can see the page: diag******* and the check parameter. ??

R**
Close attention to the parameter value . ?
you have a good base

Type your comment> @Gh05tR1d3r said:

I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.

Many Thanks

EDIT: Got ‘user.txt’ now. Thanks to @sillydaddy daddy and @Xess for the advice.

That was a mission finally rooted!! Thanks for all the hints and help on this one!

Type your comment> @Patapinh0 said:

Hardest box I’ve been doing so far. Finally rooted that b*tch. Thanks a lot to @snowscan for making this, I learned a TON of new stuff.

User is easy and there is plenty of hints already in this thread ; as for root, there are quite a few gotchas on the way to root.txt.

Some things that messed with me for some time : if you change the .conf of a service, be sure to write it and/or to restart the associated service so it gets accounted. Also, interface changes can be your friend. And last, but not least : be polite, say HELO.

Thanks a lot to @f1ndm3 and @Downloading for confirming I was on the right path, as well as @Xess , with whom it was quite fun to work :slight_smile:

It was a pleasure to struggle together haha! :slight_smile:

@Gh05tR1d3r said:
Type your comment> @Gh05tR1d3r said:

I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.

Many Thanks

EDIT: Got ‘user.txt’ now. Thanks to @sillydaddy daddy and @Xess for the advice.

Anytime! :slight_smile:

Hmmm, so I have the SN but it doesn’t seem to be working to login to the page? Any ideas

Having a lot of troubles with what needs to be done next after getting user.txt.

I have tried using reverse shell codes cheat sheet and tried to input it into the check perimeter. However, it is not executing and I can’t listen to it on my kali linux. Is there anyone that can help me out?

Type your comment> @RyanW18 said:

Hmmm, so I have the SN but it doesn’t seem to be working to login to the page? Any ideas

Do not include the SN in the password and it will work if your username is the correct one.

Type your comment> @Ryzeros said:

Type your comment> @RyanW18 said:

Hmmm, so I have the SN but it doesn’t seem to be working to login to the page? Any ideas

Do not include the SN in the password and it will work if your username is the correct one.

Was a classic layer 8 issue. Had a character on the end of the password which shouldn’t have been. Got a shell onto the machine however for the last hour I can’t figure out how to maintain access via an ssh account or anything lol