Wall

Managed to get logged in… I think it’s intended to just guess the password…

Did you wfu** it (or other methods) or guessed manually? I’m stuck at a directory mentioned before.

Was able to login to c******* but have no idea where to go next

@Nihlander said:

Managed to get logged in… I think it’s intended to just guess the password…

Was there a base to which you made a guess?

@acc3ssp0int said:

@Nihlander said:

Managed to get logged in… I think it’s intended to just guess the password…

Was there a base to which you made a guess?

Think simple. Really simple. I ended up finding the creds by writing a bash script to bruteforce the authentication via the API.

@argot said:

That is correct, no need for any creds if all you currently see is m********, a*.php, and p******.php

I found m*******, a*.php
Can’t find p******.php.
Give hint.

Got all the pages. a*.php always returns the same response… rabbit hole?

Otherwise no clue where to go :frowning:

Thanks @argot. Your teacher reference helped me not feel insane after many variations of directory scanning failed. @Nihlander writing a script and “guessing” aren’t really the same things. I found the default creds on the developers websites, but no dice. Throwing hydra at it currently since my logically targeted guesses aren’t working.

A little nudge on thought process of where other potential passwords might be found would be helpful.

Having fun with you guys though so far :slight_smile:

Could anyone give a little hint other than @argot's vocab one? I got /a*.***, /m********* and /p****.*** but yeah two of these are virtually useless and the last needs basic auth to which I don’t have anything at all

@rowra It’s about the way you approach the pages. Start thinking about different ways to view and interact with the pages.

Spoiler Removed

Fully enumerated but I am stuck on what to do next?

And rooted. Very disappointed :confused:

Same, any hints on how to interact with .php or p**.php?

@ToneDef said:

Same, any hints on how to interact with .php or p**.php?

Don’t ¯\_(ツ)_/¯

It sounds like most folks are just bruteforcing m*. Would the default Kali wordlist work?

I got the a*.*** and p****.*** and /m*******
and am stuck now. How can I find creds to login?
Any help?

Rooted, the root is so simple. Thanks to the creator of the box! :smiley:

I don’t think root was intended as it is right now. Initial shell got straight to root with literally the first hit on Google