Look harder!! I havenāt rooted it yet, but I think I am on the right path (at last).
ok looked harder. need some help, anyone? PM me please!!
I see a weird job running. cannot say as to not spoil. but runs /usr/sbin/XXXX and in CAPS! file does not exist how is that possible?
with -f, then the other jobs which I cannot edit
I have been at this box for days
THIS BOX IS MINE!!! At long last Wow! That was a journey lol
Well,
Ive read this thread and the tips a few time now; OWASP, Burp etc. I found the 2 files and when i read them i see that they are related. The thing that just escapes me is on how to combine those two for the next step. I burped every field and tried a lot but am missing a crucial step. I donāt know how to use the information i have right now. I think the amount of hosts with the netmask is far lower, but then?
Any kind soul who could guide me in the right direction with a PM?
@CyberWizard said:
Well,Ive read this thread and the tips a few time now; OWASP, Burp etc. I found the 2 files and when i read them i see that they are related. The thing that just escapes me is on how to combine those two for the next step. I burped every field and tried a lot but am missing a crucial step. I donāt know how to use the information i have right now. I think the amount of hosts with the netmask is far lower, but then?
Any kind soul who could guide me in the right direction with a PM?
Iām in exactly the same place as @CyberWizard , any pointers via PM without giving too much away will be much appreciated.
see if the site is hosting anything
I know a whole bunch about the box, but Iām missing the how of many.
@spoppi said:
deanos: as already stated in this thread look at OWASP Top 10 and put both files in conjunctionPM me for additional help if you need
@stevejglover said:
@CyberWizard said:
Well,Ive read this thread and the tips a few time now; OWASP, Burp etc. I found the 2 files and when i read them i see that they are related. The thing that just escapes me is on how to combine those two for the next step. I burped every field and tried a lot but am missing a crucial step. I donāt know how to use the information i have right now. I think the amount of hosts with the netmask is far lower, but then?
Any kind soul who could guide me in the right direction with a PM?
Iām in exactly the same place as @CyberWizard , any pointers via PM without giving too much away will be much appreciated.
guess many people are the same. Can you guyz give more clue about steps after finding out the ip stuff?
Man, this box is making feel like an idiot - I feel like it shouldnāt be this difficult to figure out what to do with the two files, lol
check the format of the file found somewhere else than http, then put both ātogetherā
If anyone has any other hints on how to use these two files please feel free to PM me. I feel so stupid. LOL
I think itās the how of putting both ātogetherā that Iām struggling with
@phoenix192 said:
I think itās the how of putting both ātogetherā that Iām struggling with
ahahaha to be more clear, you guys mean ā.txtā as the file and its format? I told it very clear because finding it is not a challenge. I guess everyone made an NMAP scan and saw it. If yes, I found two things, one of them is that TXT and they both are about āaddresses in IT worldā. But putting both of them together didnāt make any sense for me.
OK, getting somewhere now. Finally have user!
All necessary clues are in the posts above. Burp came in useful for me.
Learnt something new, nice!
@stevejglover said:
OK, getting somewhere now. Finally have user!
All necessary clues are in the posts above. Burp came in useful for me.
Learnt something new, nice!
@uck084 said:
@phoenix192 said:
I think itās the how of putting both ātogetherā that Iām struggling withahahaha to be more clear, you guys mean ā.txtā as the file and its format? I told it very clear because finding it is not a challenge. I guess everyone made an NMAP scan and saw it. If yes, I found two things, one of them is that TXT and they both are about āaddresses in IT worldā. But putting both of them together didnāt make any sense for me.
@stevejglover said:
OK, getting somewhere now. Finally have user!
All necessary clues are in the posts above. Burp came in useful for me.
Learnt something new, nice!
Now I totally agree. all clues were given guys
So i got user on the box, not sure how to Priv esc to root, got sql admin not sure where to go, any hints
I would also be very grateful for a hint. I suspect there are other versions of some files - and an ip that I havenāt found use for yet
Congratulations to that idiot who deleted important files and dirā¦