Carrier

So I know what to do, I’m able to do B** H******* but I can’t figure out how to get that IP to be reachable on the machine.

@RyanW18 said:

So I know what to do, I’m able to do B** H******* but I can’t figure out how to get that IP to be reachable on the machine.

A sweep ?

@sillydaddy said:

@RyanW18 said:

So I know what to do, I’m able to do B** H******* but I can’t figure out how to get that IP to be reachable on the machine.

A sweep ?

So I know what I need to do exactly and how to do it, however when changing an interface (any of them) to the IP I need for it to be reachable and then routed by B** it terminates my shell, then I can no longer get my reverse shell back as a machine reset is needed

Spoiler Removed

What I just want to know is when would this box be retired lolz? I just want to read the write up for root. It should have been retired last week instead of ypuffy according to the normal flow.

lol! Was trying without stars but it was not working for me.

@st4rL0rd said:
@vno said:

Not able to login with a**** : S*************. Is it just me or others are also facing same issue?

check without S***
Edit: Got it!

Anyone got any ideas as to why when I change any interface’s IP address my shell drops and I then have to reset the box to get back on? Literally any of the interfaces it has I’ve tried changing and I get dropped instantly

I got it too!! thanks to @Lanks07 for the final help! I’ll keep the chain of help, so DM if you need help, pleased to be of use

@RyanW18 said:
Anyone got any ideas as to why when I change any interface’s IP address my shell drops and I then have to reset the box to get back on? Literally any of the interfaces it has I’ve tried changing and I get dropped instantly

For sure there’s one that should not be changed as it is the one you are using to connect to the machine, so try another. It happened to me as well, couple tries until I noticed.

@st4rL0rd said:

@RyanW18 said:
Anyone got any ideas as to why when I change any interface’s IP address my shell drops and I then have to reset the box to get back on? Literally any of the interfaces it has I’ve tried changing and I get dropped instantly

For sure there’s one that should not be changed as it is the one you are using to connect to the machine, so try another. It happened to me as well, couple tries until I noticed.

Tried all interfaces even loopback1

I’m trying to get user.txt. I am logged in as admin in the console. Not sure what to do next?

@DrinkACoffee said:

I’m trying to get user.txt. I am logged in as admin in the console. Not sure what to do next?

One of the pages should contain some output that’s similar to a command used in Linux environments. Try to see what it’s doing and whether you can change its behaviour.

So now I’ve rooted it. It took a while and a lot longer than it should have however I’ve learnt a lot from this box, massive thanks to @Lanks07 for the hints and tips along the way.

User

  • Fairly basic enumeration to get user and quite straightforward.

Root

  • Very useful to have a networking background/knowledge for this one.
  • Look back at something you may have disregarded from your initial enumeration as part of user. It comes in helpful.

If anyone wants tips or hints just let me know and I’ll be happy to help where I can!

I’m so lost, I’ve been able to get to the dia* page and I’ve been able to get the page to function differently with Burp Suite. It seems like I’m getting it to print out all the commands that have recently been run on the machine, I think. I got it to do that by changing the “check=” to “check=dir”. But I can’t get it to do anything else and I’m just stuck. If anyone could give me a nudge in the right direction I’d really appreciate it!

Edit: Got the user flag! On to root.

@zerosoul said:

I’m so lost, I’ve been able to get to the dia* page and I’ve been able to get the page to function differently with Burp Suite. It seems like I’m getting it to print out all the commands that have recently been run on the machine, I think. I got it to do that by changing the “check=” to “check=dir”. But I can’t get it to do anything else and I’m just stuck. If anyone could give me a nudge in the right direction I’d really appreciate it!

Look at the original parameters the di** page was sending. Does that look like normal text to you? Does it even resemble anything?

I think I know what I have to do to get root, just want to know if the “CVE” clue in T*****s is a complete rabbit hole.

@RyanW18 said:

@zerosoul said:

I’m so lost, I’ve been able to get to the dia* page and I’ve been able to get the page to function differently with Burp Suite. It seems like I’m getting it to print out all the commands that have recently been run on the machine, I think. I got it to do that by changing the “check=” to “check=dir”. But I can’t get it to do anything else and I’m just stuck. If anyone could give me a nudge in the right direction I’d really appreciate it!

Look at the original parameters the di** page was sending. Does that look like normal text to you? Does it even resemble anything?

I couldn’t figure out how to de**** the string. But I figured it out! Thanks man!

@mordecai said:

I think I know what I have to do to get root, just want to know if the “CVE” clue in T*****s is a complete rabbit hole.

No CVEs needed to gain root.

I’ve gotten a shell and user.txt, haven’t had any issues with stability or anything, but I just can’t figure out what I’m supposed to do to make the B** service route traffic to me, not very familiar with networking at all. I’m sure this will be the next box to be retired but it’s been the bane of my existence for the last week.

I’ve gotten user.txt but I am having trouble getting root.txt. I know the concepts of B** H*******g and using T***p to grab the f credentials, just a bit lost as I have not had any experience with this side of the networking world. Any nudges in the right direction would be greatly appreciated.