Safe

Any hints on root ?

if we need to do what i think we need to do with the tottaly dope port, thats soooo cool :slight_smile: im loving this

Yeah i think i was wrong. Overexcited :slight_smile: well pushing on

Guys, ignore my previous comments, im noob and I got trolled(by myself), these command execution worked locally :neutral:

Whoever uninstalled python and python3 is a sadist…

How even this box got approved. wasted my precious time today on this. Its simply copy of previous ones…

@D4nch3n Why not add your SSH key to authorized_keys if you have RCE?

Type your comment> @snowscan said:

Why not add your SSH key to authorized_keys if you have RCE?

Whoooooops I forgot you can do that…

Thanks haha

deleted

deleted

i have binary local exploitation in my machine, but doesnt work remote…

Any hint on where to find the binary? Or is that after you figure out the high port?

Type your comment> @liquidpascal said:

Any hint on where to find the binary? Or is that after you figure out the high port?

Enumerate the web a little bit, you will find the file.

Any tips on what to do to crack the .kd** file? hashcat isn’t working…

i need to up my enumeration game, positive realization. Since i afaik have exhausted my wordlists(dirs/files) using the most common tools like dirbuster,gobuster and dirsearach, i am a bit stomped about how to locate the binary. Would anyone mind dropping some names of techniques which i must have overlooked.

It might also be the case that i haven’t gotten to the point, i have found the higher port , interacted with it and also spotted how to make it not wanna talk/answer. and i do believe i understand where this puts me in context of exploitation etc, but its either a blind effort which does not seem to fit with the reports getting hold of the binary (in this thread)

Thanks for your brain!

Type your comment> @Ketil said:

Would anyone mind dropping some names of techniques which i must have overlooked.

Turn off 90% of your brain and just right-click.

@opt1kz @jkr brain officially disconnected !

*derp , herp derp… derp derp derp

thanks guy, il just go crawl back in my shame corner : P

Type your comment> @MrR3boot said:

How even this box got approved. wasted my precious time today on this. Its simply copy of previous ones…

Is it a retired box by chance if it is could you DM me please, trying to make the most out of vip :slight_smile:
Thanks in advance if you can

Type your comment> @mojorisin said:

Type your comment> @MrR3boot said:

How even this box got approved. wasted my precious time today on this. Its simply copy of previous ones…

Is it a retired box by chance if it is could you DM me please, trying to make the most out of vip :slight_smile:
Thanks in advance if you can

I think the box mentioned here is Jarvis, it’s Active now.

I’m actually doing it now nearly at user after a couple of shells, and thanks.

Can someone PM me nudge on user. Completly stuck right now…