Netmon

The application may have been upgraded since then. Database applications usually create other files while running an upgrade.

So I obviously grabbed user, and I was able to use the hints here to find what I think is the PW for logging into the webui, but it doesn’t take. What am I missing?

Nvmnd, got the creds. Now I’m stuc on getting root. The exploit I found doesn’t seem to be taking, or at least, it’s not allowing for access via F** as before. Would appreciate a PM with a hint as to what I’m doing wrong here…

Got user, didn’t realize it was that easy… Now I need hints for root if anyone can help, I have discovered the RC* exploit and the creds to get the coo*ie for the exploit. Upon execution exploit everything works well and I have seen the S** service but now I am lost on what my next step is.

Has someone hit reset on the user creds which prevents login for everyone else?

I can connect via the CLI to the needed serivce but cannot list anything??? I am on VIP.

#rooted ■■■■■■ ■■■■. Easy but not at the same time lol

Type your comment> @monkeychild said:

#rooted ■■■■■■ ■■■■. Easy but not at the same time lol

Yeah, it is a different mindset unless you work in an environment (Such as an MSP) that uses RMM software.

Hello guys,
could you pls give me a hint regarding user. I found Con*****n.da* file, there was prtgadmin user, however password looks encrypted. Also, I found an exploit which I need to use, but I do not have some data which I need to catch by Burp with relevant creds for using the exploit.

@c0uldb3 there are a few of the Conn.da* files in that box. one of the Conn.da* holds plain text password. u dont need to decrypt any hashes

<removed // wrong info and managed to include spoiler! :P>

Check your f** client’s options to explore the FS correctly.

Need help get the RC* to work. Someone pls pm me

Edit - Never mind I found a different way to get root

Hmm, I found all the dat, o**.b**, but the passwords are encrypted.

Type your comment> @Th3R4nd0m said:

Hmm, I found all the dat, o**.b**, but the passwords are encrypted.

Not encrypted. Those are the flags you need to paste in the box to validate your capture.

@GibParadox
Thanks, already pwned it.

Guys I created new user group . But iam now confused where to login with those creds. Please can you give me a clear hint guys.Thanks in Advance

how to execute that notifi****** after sving it? I am stuck really bad. can anyone pm for help?

got it finally. rooted. pm for help

Hey guys, can someone help me with root? I’ve downloaded all coXXXg files including the .dXX and baXXXps, sadly the creds in there are encrypted, then I downloaded the coXXXg file in the AuXX-BaXXXps directory but it seems corrupted

To whoever just changed the password: FUUUUUUCK YOU

Type your comment> @FormatHDD said:

Hey guys, can someone help me with root? I’ve downloaded all coXXXg files including the .dXX and baXXXps, sadly the creds in there are encrypted, then I downloaded the coXXXg file in the AuXX-BaXXXps directory but it seems corrupted

Maybe you are looking at the wrong file… You are on the right track, but it seems you are overthinking it.