Sneaky

Hi, I’ve been trying to look for some vulnerability in web app, but I couldn’t figure it out how. maybe someone can give me some small hint to progress. thank you.

Hint → dirb + google bypass login page

Thank you. I will try that.> @CodeNinja said:

Hint → dirb + google bypass login page

Thank you. I will try that.

Yeay! and now for the hash.

wer to go after bypassed … i dindt find any port for ssh…

I too didn’t find ssh ports.

@pentester720 said:
I too didn’t find ssh ports.

I enumerated and find, ssh is running … now I know everything like hostname, kernel version, installed services etc…But still not find ssh … :anguished:

@pentester720 & @Agent22 you have a PM ^^

Sorry guys… I am spending a lot of times against this machine :frowning:
I was able to write files into the writable folder of my, to dump users and hashes, to bypass the login and to dump all but I am still blocked.
I am not able to get a code execution.
Stacked queries are disabled, no plugins, the writable folder are not loaded as plugin dir, I bruteforced the directory where I can list the file in /var/… but nothing.
The secure file-priv is blocking me :frowning:

** Spoilers removed - Arrexel **

** Spoilers removed - Arrexel **

** Spoilers removed - Arrexel **

** Spoilers removed - Arrexel **

** Spoilers removed - Arrexel **

in which part rayns? :anguished:

change your “approach” to this box. imagine you have key, and there is invisible lock for connection but it can be seen from “somewhere”:slight_smile:

Thank you,
I’m stuck with the privilege escalation. I have been debugging with gdb-peda for a few hours but I do not see the way.

@rayns said:
Thank you,
I’m stuck with the privilege escalation. I have been debugging with gdb-peda for a few hours but I do not see the way.

keep it up man, you will do it .

DONE it … :wink:

@Agent22 said:

@pentester720 said:
I too didn’t find ssh ports.

I enumerated and find, ssh is running … now I know everything like hostname, kernel version, installed services etc…But still not find ssh … :anguished:

Im at this point right now, I found “something” which helped me to enumerated more about this machine, I saw there’s an SSH somewhere (I saw the port but nothing works…)

The “translation IP” message just confused me… I’ve being trying something but still stuck on this.

Any help? =P