The application may have been upgraded since then. Database applications usually create other files while running an upgrade.
So I obviously grabbed user, and I was able to use the hints here to find what I think is the PW for logging into the webui, but it doesn’t take. What am I missing?
Nvmnd, got the creds. Now I’m stuc on getting root. The exploit I found doesn’t seem to be taking, or at least, it’s not allowing for access via F** as before. Would appreciate a PM with a hint as to what I’m doing wrong here…
Got user, didn’t realize it was that easy… Now I need hints for root if anyone can help, I have discovered the RC* exploit and the creds to get the coo*ie for the exploit. Upon execution exploit everything works well and I have seen the S** service but now I am lost on what my next step is.
Has someone hit reset on the user creds which prevents login for everyone else?
I can connect via the CLI to the needed serivce but cannot list anything??? I am on VIP.
#rooted ■■■■■■ ■■■■. Easy but not at the same time lol
Type your comment> @monkeychild said:
#rooted ■■■■■■ ■■■■. Easy but not at the same time lol
Yeah, it is a different mindset unless you work in an environment (Such as an MSP) that uses RMM software.
Hello guys,
could you pls give me a hint regarding user. I found Con*****n.da* file, there was prtgadmin user, however password looks encrypted. Also, I found an exploit which I need to use, but I do not have some data which I need to catch by Burp with relevant creds for using the exploit.
@c0uldb3 there are a few of the Conn.da* files in that box. one of the Conn.da* holds plain text password. u dont need to decrypt any hashes
<removed // wrong info and managed to include spoiler! :P>
Check your f** client’s options to explore the FS correctly.
Need help get the RC* to work. Someone pls pm me
Edit - Never mind I found a different way to get root
Hmm, I found all the dat, o**.b**, but the passwords are encrypted.
Type your comment> @Th3R4nd0m said:
Hmm, I found all the dat, o**.b**, but the passwords are encrypted.
Not encrypted. Those are the flags you need to paste in the box to validate your capture.
Guys I created new user group . But iam now confused where to login with those creds. Please can you give me a clear hint guys.Thanks in Advance
how to execute that notifi****** after sving it? I am stuck really bad. can anyone pm for help?
got it finally. rooted. pm for help
Hey guys, can someone help me with root? I’ve downloaded all coXXXg files including the .dXX and baXXXps, sadly the creds in there are encrypted, then I downloaded the coXXXg file in the AuXX-BaXXXps directory but it seems corrupted
To whoever just changed the password: FUUUUUUCK YOU
Type your comment> @FormatHDD said:
Hey guys, can someone help me with root? I’ve downloaded all coXXXg files including the .dXX and baXXXps, sadly the creds in there are encrypted, then I downloaded the coXXXg file in the AuXX-BaXXXps directory but it seems corrupted
Maybe you are looking at the wrong file… You are on the right track, but it seems you are overthinking it.