Thanks @chivato glad that you had fun.
the first vulnerability / exploit was one of my favourites I’ve seen. Enjoyed the box thanks
I Need help user :[
Found some vhosts, found the “hints” to what is wrong with the site(s), found some names in an answer to a url request, found source of the countdown (client side), found a login. And stuck, next step unknown
I’ve found the hash for the IDE through another vuln. Do I need to crack/bruteforce this hash to login? I’ve tried rockyou, but that didn’t work.
Type your comment> @12thRockyou said:
the first vulnerability / exploit was one of my favourites I’ve seen. Enjoyed the box thanks
Yes, I know which one you are talking about, the exploit that stood out was very fun, but like I said, I still think the initial foothold was a bit of a stretch
Type your comment> @12thRockyou said:
the first vulnerability / exploit was one of my favourites I’ve seen. Enjoyed the box thanks
Welcome.
What kind of magic is that ? Amazed.
Rooted, after a good time, thanks for the box she is great !
Type your comment> @Seepckoa said:
Rooted, after a good time, thanks for the box she is great !
@Seepckoa said:
Rooted, after a good time, thanks for the box she is great !
Welcome <3
@halfluke said:
Found some vhosts, found the “hints” to what is wrong with the site(s), found some names in an answer to a url request, found source of the countdown (client side), found a login. And stuck, next step unknown
I’m at the same step.
I’ve enumerated a bit and know what app is running on one of the su***** and a RCE exploit for it, but still no creds for that login. I’m wondering if limited brute forcing for that login page is necessary, i’ve got a few users to try from other services.
Brrr
Type your comment> @snowscan said:
Very nice box @MrR3boot, I enjoyed it a lot.
Awesome. Thanks for the feedback @snowscan.
rooted … very good box. I enjoyed a lot and learned a lot
Hii! Nice machine! I´ve found a code… but i dont know what to do with it. I m also looking an image…not sure about if it means smthing.
Any hint?
Spoiler Removed