Wall

1246718

Comments

  • In this box both exploits did not work for me. But after repairing they work well.
    So consider that as a part of the game and happy rooting ;)

    tabacci

  • Type your comment> @Thms84 said:

    Never mind, I give up. Does not worth the time.

  • edited September 15

    Well, my native language is not English, so it's hard for me to guess which page I should access with these tips. Is there a technical way to find this page that starts with c? I mean, is it possible to find it with some Kali wordlist, for example?

    What I have so far are the three already mentioned.
    a*.***
    p****.***
    m*********

    I''ve done all kinds of requests that can be made with the protocol, and nothing.

    Edit: Just to explain, the tips are language independent, I was making a typing mistake. =/

  • I''ve done all kinds of requests that can be made with the protocol, and nothing.

    Which ones specifically? Did you not get any extra information from them?

    rowra

  • edited September 15

    Type your comment> @rowra said:

    I''ve done all kinds of requests that can be made with the protocol, and nothing.

    Which ones specifically? Did you not get any extra information from them?

    PM you.

    Edit: Thank you @rowra and @argot !

  • augh!! any hints on the c******* login credentials? i know it is supposed to be easy but I have gone through all the plainly obvious ones...

  • Type your comment> @krisd4 said:

    augh!! any hints on the c******* login credentials? i know it is supposed to be easy but I have gone through all the plainly obvious ones...

    Are you sure about that? If you rock the authentication, you should gain some useful information.

  • @godzkid said:
    Type your comment> @gorg said:

    as far as I can tell, the credentials provided on the developers webpage, don't work

    reading this discussion it is said that they are really simple

    hmmm

    i am inside c****
    just exploit not working

    hw did u get in ?

  • Type your comment> @hackerst34k said:

    hey @krisd4 how did you find that c****** login pages because i tried every wordlist but i didnt find any directory starting with c*****

    refer to the teacher hint..."verbs" can be an attack vector by teacher especially when u r in an English class.

  • am stuck on /c****** creds
    i can't find them on developers webpage as said
    please any hint ?

  • edited September 15

    terrible. i stuck on finding /c****** to and need help. please !

  • Spoiler Removed

  • Spoiler Removed

  • Type your comment> @krisd4 said:

    you could describe the METHODS using only about six VERBS, if you GET what I am saying....

    that's almost spoiling ;-)

  • Type your comment> @rheaalleen said:

    Loving the box so far

    From that video, it's almost as if you were suggesting that we now turn to the pols.

  • Got the login, but exploit isn't working.
    Do we have to modify the exploit? Tried various rev shells methods, nothing seems to work

  • @Splinterdav hint for user/pass combo?

  • Type your comment> @Splinterdav said:

    Got the login, but exploit isn't working.
    Do we have to modify the exploit? Tried various rev shells methods, nothing seems to work

    Yes, a modification is needed, but I'm having trouble with the correct rev shell too xD

    Tohzzicklao

  • Type your comment> @krisd4 said:

    @Splinterdav hint for user/pass combo?

    Well, it is pretty common. I guessed it by trying basic high priv usernames with passwords from a common password list.

  • struggling from the rce i can't get rev shell
    any hint ! :cry:

  • anyone who has rooted it please pm me
    i am struggling to get the correct payload to get reverse shell to get command execution
    help me

  • Anyone who needs hints related to brute-forcing the C******* can ping me...I have an easy way ;)

  • cracked the c**********, now python CVE not working.... tested, using right ip and port , the script says it is triggering succesfully, but nothing is hitting my listener any ideas?

  • hint for inital foothold:
    If you plan to do without script. Learn the application, abuse what you can do.

    IceM4nn

  • edited September 17

    ....

  • Rooted. Pretty disappointed with this one. Thanks to the creator, regardless.


    Hack The Box
    defarbs.com - "Let me just quote the late, great Colonel Sanders, who said, 'I'm too drunk... to taste this chicken.'”

  • currently stuck with /p****.*** , /m*********/ and a*.*** , any tips? been seeing some tips floating around about verbs / teachers? no idea what thats about, maybe be more specific. thanks

  • edited September 15

    Type your comment> @tabacci said:

    In this box both exploits did not work for me. But after repairing they work well.
    So consider that as a part of the game and happy rooting ;)

    I'm also kind of stuck here... any hint's on how to repair? (I guess it has to do with changing the value of n*****_b**)

    HTB Profile

  • Type your comment> @tabacci said:

    In this box both exploits did not work for me. But after repairing they work well.
    So consider that as a part of the game and happy rooting ;)

    Its not that they didnt work bro - it had m**sec***** installed ..
    and second exploits did work perfectly fine for me

Sign In to comment.