Hint for HELP

Type your comment> @itookadump said:

@shadow1warrior said:

When I run a Nmap scan (nmap -sV -sC -oA nmap 10.10.10.121) the result I get is:
“PORT STATE SERVICE VERSION
25/tcp open tcpwrapped
|_smtp-commands: Couldn’t establish connection on port 25”

I also tried “enum4linux” but didn’t get anything.
How should I proceed from here? Need some help/guidance…

There are other ports to investigate…

Should I try -sU for UDP scan?

Finally got it, could somebody guide me through the high port explotation tho? Also if anybody needs some help just throw me a pm

PM me for hints …

Type your comment> @shadow1warrior said:

When I run a Nmap scan (nmap -sV -sC -oA nmap 10.10.10.121) the result I get is:
“PORT STATE SERVICE VERSION
25/tcp open tcpwrapped
|_smtp-commands: Couldn’t establish connection on port 25”

I also tried “enum4linux” but didn’t get anything.
How should I proceed from here? Need some help/guidance…

I think you should start by studying and learning. There are lots of videos with walkthroughs, check for example ippsec channel wich absolutely great. Also read writeups.
You have to build a base of knowledge.

Painful… been trying getting root for a while now, no success. Please send me a PM with some good advice.

I’m trying the **** port way and stuck trying to get the creds?? Anyone want to offer advice?

Hey, folks,

Someone can give me a tip with the user of this box. I understand that the server date with my PC is not coordinated but I don’t know where to go from here.

Greetings

anyone out there have time to break down the query syntax?

NVM got it !

I’m stuck rooting this box.
I found some credentials, tried some kernel and application exploits but nothing worked so far.

If someone has another hint for me just PM me.

I’m banging my head against a brick wall … I have found the user injection point, I have found the folder for t*****s, and I have tested with a jpg and txt. I just can’t get past the extension filter. Can someone PM me with a hint

rooted via code execution… I found some passwords but couldnt use them for privesc. Can anyone send me a nudge? I’d like to learn the intended way.

i NEED HELP plz , i stuck with the upload shell, i found the creds from port XXXX, and i logged into the main web site and found out that the upload direction would be easier than to get admin by b**** s*** , but i couldn’t upload the shell, btw i read the source code and i tried harder, all the ways that i know to bypass the upload mechanism, any hint for that point plz.

Enjoyed owning this box. It’s tricky, but I think it is fair. Root is particularly easy. I went the easy-mode route, but perhaps there is another way to get there that takes some more effort.

PM me if you need are stuck, tell me where you’re at and what you’ve uncovered so far and I will try to give you a nudge in the right direction.

Did b**** si and got user and pass but I am unable to use them to gain further foothold, can anyone pm me for more information? I even tried to s1(password) to use for lower port

Type your comment> @t4a1 said:

Did b**** si and got user and pass but I am unable to use them to gain further foothold, can anyone pm me for more information? I even tried to s1(password) to use for lower port

So I am able to login to admin area, however I have no clue how to further my foothold, am I going to use the same vul everyone is using? How did those that did using b**** s**i managed to get the user other than admin?

Hi,
I have this question bugging me , If time() in python returns epoch. how would timezone make a difference.?

Rooted Done and dusted a lot of false rabbit holes in this discussion the box was a piece of cake

Type your comment> @Hashbyte said:

Hi,
I have this question bugging me , If time() in python returns epoch. how would timezone make a difference.?

Asking that myself. Really strange behavior. But it also seems that PHP time() is timezone relevant.

EDIT:
But as I understand from time — Time access and conversions — Python 3.12.0 documentation epoch just says January 1st 1970 00:00. So it could be timezone based as this date may differ.

Well in this instance theres now to worry about i read some of the hints and was sweating as i needed this box for elite hacker and when i read the hints i thought oh wow nope was the easiest box on the active machines in my humble opinion

not too easy for noobs though as theres definately some gotchas right at the beginning

remember dont always believe what you read