Unattended

I’m just having trouble figuring out where to go from where I am. I’ve tried so many different things already lol

So far so good just enum couldn’t find anything juicy even sqlmap is so slow

I’m going to have to come back to this. I need food XD

Hm, I’m on pass three with Gobuster and adding some extensions, nothing yet. Wondering if the weird hostname has anything to do with it

Found ftp creds. No idea where to use them lolz

How in the world you got them?
Getting nothing here

^ are you a wizard?

Enumerate the site, note they got hacked recently.

This box is pretty frustrating so far. Found the simple website, noticed a couple interesting things about how things on that are named, but it’s starting to feel very #guessthebox.

The “site” on my end (on both 80 & 443) is either “connection reset” or literally blank with no data received. After a total of 6 passes with GoBuster, cranking out a massive list including multiple extensions… I hit on nothing. At all.

Something is janky here.

ETA: Oh, but interesting hostname here. That’s kinda nice. Gonna sit this one out til it’s not getting fingerblasted.

@Malone5923 said:

Found ftp creds. No idea where to use them lolz

I found them also, but nothing else too awful interesting yet

@0PT1MUS said:

@Malone5923 said:

Found ftp creds. No idea where to use them lolz

I found them also, but nothing else too awful interesting yet

Yeah. I am also stuck at this point.

Yeah, I didn’t find those lol

25, 465, 587 …

@redhot said:

25, 465, 587 …

wish i had burp pro…

@7355608 said:

@redhot said:

25, 465, 587 …

wish i had burp pro…

These numbers are at least slightly significant and they correspond with pages on the simple site in ways other than just how you first found them, but I’d love to have the hours I’ve spent attacking this site with burp pro back. :stuck_out_tongue:

@redhot said:

25, 465, 587 …

yea these are smtp ports, i enumerated all the numbers up to 10000 for the id parameter and got nothing…

@7355608 said:

@redhot said:

25, 465, 587 …

wish i had burp pro…

You don’t need pro for that. You can use the community version or just use curl with some bash scripting.

@Malone5923 said:

@7355608 said:

@redhot said:

25, 465, 587 …

wish i had burp pro…

You don’t need pro for that. You can use the community version or just use curl with some bash scripting.

i know i’m just commenting on the fact that community version throttles intruder. that is all.

or just wfuzz it