Netmon

Type your comment> @z3r0c001 said:

Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!

no worries

Rooted, Fun little box… Thanks to the creator.

@Lisbeth said:
@sillydaddy you are a legend! Thank you for putting me out of my misery! Suddenly everything makes sense now. Doh! :slight_smile:

no worries

I think I have found the creds to login but get denied.

Can someone PM me to confirm I have the correct ones (or have I fallen foul of the password changers!!!)

Type your comment> @sillydaddy said:

Type your comment> @z3r0c001 said:

Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!

no worries
Tip for root?

@LuckSec said:
Type your comment> @sillydaddy said:

Type your comment> @z3r0c001 said:

Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!

no worries
Tip for root?

Search Google …
app name and a common web vulnerabiity . you should get a blog post !!!

Yup done that found the correct place and crafting a command then check back at the FTP server but nowt nowt nowt hahah its killing me this noob box but good fun as i have never user PRTG

The passwords are definitely getting changed. I couldn’t get in with the correct creds the first time I tried, and while I was poking around, it kicked me out and wouldn’t let me back in till I reverted. I don’t think people are intentionally doing it, I am guessing that the “password reset” is rendering the correct one useless once it is clicked.

and I am on VIP

about creds, read some reddit page.

I slapped myself in my face with a big C++ book…
For creds: ENUMERATE. ENUMERATE MORE. ENUMERATE

then it’s straight forward to gain access and priv esc :slight_smile:

Getting creds is very easy if you are focusing on right think, simple grep should get you the password

Maybe i’m overlooking something, finding the user.txt was easy but im unable to login to the web page. I cannot find the credentials, looked online and the credentials i found there don’t work.

I already know what I have to do when i’m logged on… Any tips on finding the creds?

Getting stuck after first user. I tried different methods over different ports but nothing…
Any hint? No bruteforce.
Thanks anyway

Rooted
but i face lots of problem in rooting every minute people reset the machine and changing the password
guys please stop resetting the box .

Very nice box. You really do need to think like a user to get in.
Getting the root flag can be fairly easy if you research the features of the system. No need to exploit any Windows features. Basically read the docs.

I’ve got the User, I’ve no idea what creds people are guessing for the web login though and I’ve spent a couple of hours exploring via FTP but failed to find any creds written down anywhere, even with the more thorough approach to listing contents. Can somebody PM me a nudge please? Thank you!

Do not change the password
Do not use Brute Force
Do not restart the box

The stability of the box is brainfuck xD

@19Rich said:

I’ve got the User, I’ve no idea what creds people are guessing for the web login though and I’ve spent a couple of hours exploring via FTP but failed to find any creds written down anywhere, even with the more thorough approach to listing contents. Can somebody PM me a nudge please? Thank you!

Cheers for the hints - I had the right details, just needed to kick the box to get them working :frowning: I know what I’ve got to do for the next step, give me a week and I might actually work out how to do it too! :-/

Type your comment> @19Rich said:

@19Rich said:

I’ve got the User, I’ve no idea what creds people are guessing for the web login though and I’ve spent a couple of hours exploring via FTP but failed to find any creds written down anywhere, even with the more thorough approach to listing contents. Can somebody PM me a nudge please? Thank you!

Cheers for the hints - I had the right details, just needed to kick the box to get them working :frowning: I know what I’ve got to do for the next step, give me a week and I might actually work out how to do it too! :-/

Similar sitiation as @19Rich. I have explored all conf file, unsucessfulls web login to get root access.

Can somebody could give me some hint by PM ?

Best regards

User is very simple and direct.