hi, one of you has the next problem, i get it flag of user.txt, but now when upload de script… this not work , i probe one more time and i change of the server, but the problem persit, thanks.
rooted!, i great machine, well the key is a enumeration and you can see very good the paths…
Hi, I am feeling a lot of connection problems (i can access the webpage or ping only for scarce periods of time) in this box, can barely access web page or nmap/gobuster, anyone else feeling this problems?
User - enumerate, find exploitable app. don’t let warning messages deter you - check if it’s open source and see what’s going on behind the scenes. be sure to be thorough and double check what/where you’re pointing things, adjust any tools or scripts you find to help with debugging.
Root - guaranteed you’re doing TOO much enumeration, think of one of the most basic things you’d check when popping a shell and google to check status.
All, I am very new and this is my first box. I am pretty stuck on getting user (I’ve read the posts here, Nmap done and see the N*** service on port 3***. I saw the object message, but can’t crack the riddle. Not sure what to do - a nudge would be appreciated.
Just got root, I am sure there are several ways for both user and root, but I only explored one route for user and one route for root. PM for hints, hope you are following the same route as me.
i’m trying to get root on this machine. i have downloaded up******44.c exploit and compile it then give it the execute permission. and then after run it i got an error : Invalid argument !! Any suggestion about this error
I’ve been stuck on getting user for two days. I’ve uploaded the file and am running the exploit but I never get a connection back. I just need to confirm my thought process is right. Can someone PM me, please? Thank you!
Edit - Got root! Thanks @mogyub for the hint. PM me for hints.
I got nothing in help machine only things i got i the url to upload something on it and i tried to upload but don’t known uploaded succesfully or not because there is a filter which says files are not allowed and i didn’t understand things which related to time pls guide me
Privilege esc took me forever on this one. I think I did it the wrong, boring way. I am still completely confused by the apparent credentials and all the hints around getting them correct and shells. I tried every single permutation and substitution that exists in this area and still couldn’t get in.
Can anyone PM me with some more details around this? I have to know what I’m missing here.
I’m stuck… I can upload the file but no way to access it. When I run the exploit I have an error coming all the time: “”" Max retries exceeded with url: *****.pp (Caused by NewConnectionError(‘<urllib3.connection.HTTPConnection object at 0x7fa369195f90>: Failed to establish a new connection: [Errno 113] No route to host’,)) “”"
I have studied the script and the exploit and I can’t find what’s missing.
Any idea about that?