@emaragkos said:
The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!
That exploit made me want to redo everything I ever did in python to print that beautifully
I dunno if the exploit is “matrix” or swordfish" like, but is does sort of remind me of padbuster, the way it increments, I guess. It is neat tho, having phun
The exploit used in this machine is seriously on of the most user-friendly I have even used. Funny to use, it is like it came out of a movie!
This!
Tip for user: If you believe you’ve found something but not enough, you probably have found enough. Try to figure out what it is you found instead of looking for more content. Remember that it’s an “easy box”, so most likely the user shell isn’t going to require much effort - looking back anyway. When you feel like you can relate to the above quote, you’re in a good place. At least you’ll get the joke anyway.
do you need creds for the exploit?
because none in searchsploit that do not require authentication worked for me
No creds needed. A simple google search and a quick scanu of the results should be enough
Yes, I agree w/ @p0n. But I’d say @0xAMS, you lie, or perhaps, ahem “Try harder”.
lie??
the exploit needed has to do with sqli (the others did not work)
and the sqli did not work also
this is where my exploit stops
at this point
[+] Salt for password found: 1
[*] Try: js
next time if you have nothing positive to say keep your opinion to your self
I say you lie, because I used searchsploit to find an unauthenticated exploit for a piece of software clearly listed in wapalizer. Very straightforward.
I guess the positive thing to say would have been “provide it a wordlist”. my bad, I guess.