Finally rooted
It took me to much time because or the curl sintax, at the time it worked i already had all i needed
Thanks to @poe for all the assistance
Finally rooted
It took me to much time because or the curl sintax, at the time it worked i already had all i needed
Thanks to @poe for all the assistance
Finally rooted thanks to @HenryClarke for highlighting something I’d discovered during enumeration then disregarded.
PM me for hints without spoilers
could someone pm me for hints?
EDIT: Found token and some creds,
Type your comment> @no0n3 said:
could someone pm me for hints?
EDIT: Found token and some creds,
I think I’m in the same boat, found the credentials, without passwords… I could use a hint as well
hey guy i’m trying to get T**** and my command return Forbidden could i get some help please?
Hint for all those that have all the creds and can’t find where to use them:
Lots of web applications have two places to login, one for users and one for admins. Take another look at your enumerated folders.
i tried Z***************** Pwith all possible U* but i could not login to any platform
Type your comment> @SkoN said:
i tried Z***************** Pwith all possible U* but i could not login to any platform
PM me bro…
Rooted few days ago, it was fun box though it’s CTF-like lol, PM me if you need some hints.
well I need some help. I am really new to this but am working towards OSCP to get into the security field. Any nudge would be helpful. I have read the articles about JWT’s and just cant seem to grasp how to get these user creds from 3k. I have plenty of directories that are on that port but I cant seem to get around the A*** T****.
Type your comment> @Sephrost said:
Finally rooted
It took me to much time because or the curl sintax, at the time it worked i already had all i neededThanks to @poe for all the assistance
Hi, how did you resolve the “Please Auth” issue? I have generated a token but am unable to use it.
Type your comment> @zweeden said:
Just rooted. Interesting box, not really a fan of it but interesting nonetheless. Thanks to all those that helped. More than willing to help out if you need direction
PM me
Hi, how did you overcome the “please auth” issue?
I have generated the token, but I don’t know how to use it.
Would be glad for your help.
EDIT: Rooted!
Type your comment> @TahaRavvaha said:
Type your comment> @zweeden said:
Just rooted. Interesting box, not really a fan of it but interesting nonetheless. Thanks to all those that helped. More than willing to help out if you need direction
PM meHi, how did you overcome the “please auth” issue?
I have generated the token, but I don’t know how to use it.
Would be glad for your help.
I have the same problem with you
Figured out syntax, got the four creds. tried them all against the m******** login page on 80 and i’m still not able to get in (incorrect info error) any tips are appreciated. Thanks
EDIT : Had to dig a little more, got it
Hello gents,
may i have a nudge on the right direction please?
a newbie is here
THanks in advance
Type your comment> @TahaRavvaha said:
Type your comment> @Sephrost said:
Finally rooted
It took me to much time because or the curl sintax, at the time it worked i already had all i neededThanks to @poe for all the assistance
Hi, how did you resolve the “Please Auth” issue? I have generated a token but am unable to use it.
I just got the T***n wrong the first time
Type your comment> @pp123 said:
Hello,
I am trying to build the proper request to get the T****, but I am receiving a “Forbidden” response when using curl. Any hint or help here would be appreciated.
PP
same situation…
rooted thanks to @m0f0
Im using c… to get the J… t…n but im also struggling with the syntax.
Am I guessing right that “.id_t…n” is not the correct syntax for the POST body?
Can anyone suggest me some dir-list or filenamelist? I had used minimum 8-9 lists but got nothing except c*****.p** and some login pages. From the discussion it seems that i am missing some 3-4 creds files/location.