Stuck for 2 days, I don’t understand how to freaking get that access on the odd port. Just have that pwd found in that c*****.*** file, a bunch of usernames, but having a problem with *r for the request. Need a nudge. Tried different users but always get Forbidden. I’ve been enumerating since yesterday but can’t find anything else.
Here are my hints:
Enumerate the ■■■■ out of it.
Find the goodies on one port, use the goodies on another port… (google if you can’t figure out how)
Even MORE goodies here, try these goodies out somewhere else.
after that… yup, another goodie. The final goodie.
DM for nudges. Let me know what you’ve done so far.
Anyone that can PM me pertaining to the curl syntax, it would be greatly appreciated.
Edit: Got User & Root.
User was definitely the more difficult one, since it requires a syntax, and if you’re not familiar with JWT bearer tokens, it could be a very big pain in the ■■■.
Got my 30 points for this box. Thanks @H4d3s for the work <3
This box is not my favorite one. I learnt some stuff about JWT authentication, but if you just follow the Medium article it feels a bit like cheating. I highly recommend reading some further articles about JWT authentication to understand what happened here.
Hi all,
I’ve logged in to port 3*** fine and retrieved a list of users but there are no passwords, am I missing something obvious?
EDIT> Yes, I was missing something obvious, found it.
I see a lot of questions around syntax for c***, PM me for help anyone
Poe
Only the JWT part is challenging (that too could’ve been easier if I did some basic stuff first… instead of thinking complex)… other than that it’s really straightforward… And thanks to @illuminatiguy for the nudge!!
That was an interesting box that made me learn some things I didn’t know. It was all a matter of chasing down credentials and proper enumeration. The rest just falls in your lap.