Writeup

I’ve trying to check everything that visible, I found pg= Am I in the right path?

Type your comment> @NeoBox said:

I’ve trying to check everything that visible, I found pg= Am I in the right path?

Maybe read the other posts? :stuck_out_tongue:

Type your comment> @hxmo said:

Type your comment> @PwrZer0 said:

Hey guys as only port 80 is there to enumerate I can’t dir bruteforce am i even in the right direction please pm me if i’m

try burpsuite

I tried but I couldn’t reach anything useful up till now If someone could spot a light for me please PM !

Hint for user:
Don’t use dirbuster, gobuster, etc. there is no need to brute force directories. Look at a popular file you might find on a web server that is commonly misconfigured by admins thinking it actually makes it more secure. This will give you a start to where you need to be. If you don’t have this plugin, I recommend installing a Firefox plugin called wappalyzer, its a neat tool. Just enumerate. This should be more than enough to help you find what you need to use to get access. Next step, Queen - We Will Rock You (Official Video) - YouTube.

Type your comment> @PwrZer0 said:

Type your comment> @hxmo said:

Type your comment> @PwrZer0 said:

Hey guys as only port 80 is there to enumerate I can’t dir bruteforce am i even in the right direction please pm me if i’m

try burpsuite

I tried but I couldn’t reach anything useful up till now If someone could spot a light for me please PM !

spider the target

The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!

wappalyzer*

@emaragkos said:

The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!

Exactly what I thought! Like watching The Matrix :tongue:

Type your comment> @emaragkos said:

The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!

hahahahaha

Type your comment> @emaragkos said:

The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!

This! :joy:

Tip for user: If you believe you’ve found something but not enough, you probably have found enough. Try to figure out what it is you found instead of looking for more content. Remember that it’s an “easy box”, so most likely the user shell isn’t going to require much effort - looking back anyway. When you feel like you can relate to the above quote, you’re in a good place. At least you’ll get the joke anyway.

any hint on root? does s**** G**** related?

@emaragkos said:
The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!

That exploit made me want to redo everything I ever did in python to print that beautifully

What beautiful exploit.
Almost like Swordfish movie terminals hahah.

anyone available to give me a nudge?

do you need creds for the exploit?
because none in searchsploit that do not require authentication worked for me

Type your comment> @0xAMS said:

do you need creds for the exploit?
because none in searchsploit that do not require authentication worked for me

No creds needed. A simple google search and a quick scanu of the results should be enough

Type your comment> @p0n said:

Type your comment> @0xAMS said:

do you need creds for the exploit?
because none in searchsploit that do not require authentication worked for me

No creds needed. A simple google search and a quick scanu of the results should be enough

i did searchsploit on the software and used the exploits it mentioned with no luck

managed to get creds, need a bit of a nudge
I feel like I’m overlooking something as I can’t get the creds to work on /w******/a****

@Cynn maybe enum other services futher

Thanks @smithc can’t believe I overlooked that