Luke

@syan1de said:

Rooted! Felt like I was doing a CTF again, learnt some new stuff, so I can’t complain.

Any tips on how to come across the token? I know how to use it once I get it since it is similar to another box that’s active, but I only have the txt file which I guess is a reference to some anime.

I used dirbuster to enumerate endpoints.

Anyone kind enough to give me a nudge, found plenty of creds, seem unusable… Thanks

edit: nevermind…

Authenticated into A***** but stuck. Just got a pretty much blank UI. Rabbit hole?

Edit: Nevermind. UI is there after reset. Someone must have spooned it.

@ZerkerEOD said:

@1NC39T10N said:

I wasted hours trying to find the second to last login screen. If you have found the mother lode of credentials and have not yet found the right place to put them, then make sure you scan port 80 using dirb NOT gobuster. The common list will do.

Do you know why gobuster doesn’t work? I found out I could use dirsearch.py also.

Also anyone able to help me with some type of resource for the n***.j* page? Can’t find anything.

Gobuster won’t work by default because one of the directories in question will respond with a 403 status code, which gobuster chooses to ignore unless you configure otherwise.

My connection to this box is very inconsistent. I think there is a high number of people brute forcing this box.

I’ve spent a couple hours looking into this and though I’ve found a couple login pages, I’ve yet to discover any creds.

I feel like I’ve glossed over it as I’ve checked each port, dirb/nikto/dirsearch the ports and I’ve been looking into n****s and I’ve gotten no further :confused:

@zetascrub said:

I’ve spent a couple hours looking into this and though I’ve found a couple login pages, I’ve yet to discover any creds.

I feel like I’ve glossed over it as I’ve checked each port, dirb/nikto/dirsearch the ports and I’ve been looking into n****s and I’ve gotten no further :confused:

If you’re looking for files that might contain credentials, remember to search for more than just directories.

Well that was easy, rooted! Anyone needs help PM me :slight_smile:

I need some guidance, I found the initial credential, after that I got a list of users without a password. From here, I do not know where to go. If anyone can help PM me, thank you.

I need help.
I found many credentials, none of them usable.

I got root.txt
Thanks to everyone
FEEL FREE TO PM

Finally, pwned it. I’ve learned a new thing. Thanks, @syan1de for an awesome hint. Feel free to PM me if you got stuck.

Rooted! Thanks @idealphase for the nudge! Anyone who needs help feel free to PM :wink:

@Ryan412 said:

The moment when this is a 30 points box making it equivalent to Unattended and Arkham …

This.

any hint to get auth token…

@iamsundi said:

any hint to get auth token…
in pm

Hm… This box is very ctf-like. But thanks to the author
Hints:
User - Enum and do it.
Root - Just do it. =)

@Ralveng said:

@iamsundi said:

any hint to get auth token…
in pm
check pm

@agr0 said:

Gobuster won’t work by default because one of the directories in question will respond with a 403 status code, which gobuster chooses to ignore unless you configure otherwise.

I think you meant 401 rather than 403 (gobuster will list 403 by default, but not 401.) At least that was my experience.

Hello, can someone help me? I am stuck on the odd port.

Edit:
Solved. I expected it to be more difficult. Thanks @lionelc for help with curl