Luke

Starting the discussion thread

Good luck everyone !!!

I’ve found some credentials. No idea where to use them yet

Same boat

Type your comment> @m4xp0wer said:

I’ve found some credentials. No idea where to use them yet

and I know where to use them but box was just reseted before I catched credentials… will try catch them again)

Funny I was working on higher ports and just noticed the main web port was open, didn’t catch it on my first nmap scan, probably the box wasn’t fully up yet.

Found 3 different login pages. Have not found any credentials yet…

I enumerate the box and didn’t find any credentials. Can you give a hint?

Me neither no credentials but yeh plenty of login pages lol

WTF 4 user owns already? Where are you guys finding the entry point?

Stuck in the same boat as @m4xp0wer, no idea where to use these creds.

Same boat. Got the creds, no luck with them. Has anyone tried brute-forcing all the login pages?

Got some creds but they appear to be for m****. Is that the creds you’re talking about?

hmmmm, I guess I am in the same boat as everyone else. Maybe the json needs to be worked on more?

Got a list, dunno what to do with it.

Same boat as @tiger5tyle.
Didn’t found any login pages except for A****i and those creds didn’t work there.

Keep trying passwords folks… and feel free to mix usernames xD

did anyone find the fake user.txt file…ughhh it says “this box is terrible” wth ?!?

Was fun while it lasted!

Yup, I’m still stumped, can anyone grace a nudge upon me?