Sniper

Type your comment> @bodresha said:

am still playing with LFI and nothing comes up , did i miss something or i should go to enum again :S

Youā€™re on the right path. See if you can make it more than just local.

I am totally fed up after LFIā€¦Not sure on how to proceed further?

Type your comment> @ow1joker said:

Type your comment> @D8ll0 said:

Will ā€œuser commentā€ lead to something?
I couldnā€™t decode it so far.

You ever figure out what format it was in?

Donā€™t waste your time, itā€™s useless.

Can anyone point me in the direction of lfi I thought it was a language thing but am getting nothing from it :frowning:

Spoiler Removed

:wink:

Rooted - nice boxā€¦
Learned a thing or two

Tips for User: when it equals something - you can always change it

For Root: Just read files - use google - get root.

Got my foothold and some creds, but no idea how to escalate from here

Can I get a sanity check on the initial foothold? I think I have a few things, but I also think Iā€™ve spent quite a bit of time in some rabbit holes.

rootted thanks @farbs

Type your comment> @xdaem00n said:

rootted thanks @farbs

I havenā€™t even done the box what are you talking about? ?

got cmd execution but canā€™t get rev shell. can anyone help me ?
update: got the rev shell, need help with priv esc to user

I found some LFI on the box, but im not sure where to go from there. I created a script to enumerate all the windows dirs, but Im only having luck with two of them. Any help???

Spoiler Removed

This box or the US VIP instance of it is incredibly unstable. Iā€™ve rebooted it numerous times, assigned myself to other boxes then switched back to sniper, Iā€™ve regenerated my VPN connection pack, and iā€™m still having issues with it only staying up for about 1 minute at a time then having to wait another minute or two before it responds to any pings or other network connections.

Same, in every respect.
This must be ā€˜The Sweetestā€™ security mechanism for iis/M$ that no one has ever considered before. Or, something is really messed. Dunno. Gonna retry the lfi/rfi casserole in a few days, no idea.

#rip
Type your comment> @dr0ctag0n said:

This box or the US VIP instance of it is incredibly unstable. Iā€™ve rebooted it numerous times, assigned myself to other boxes then switched back to sniper, Iā€™ve regenerated my VPN connection pack, and iā€™m still having issues with it only staying up for about 1 minute at a time then having to wait another minute or two before it responds to any pings or other network connections.

Type your comment> @dr0ctag0n said:

This box or the US VIP instance of it is incredibly unstable. Iā€™ve rebooted it numerous times, assigned myself to other boxes then switched back to sniper, Iā€™ve regenerated my VPN connection pack, and iā€™m still having issues with it only staying up for about 1 minute at a time then having to wait another minute or two before it responds to any pings or other network connections.

Must be the box im on eu and my shell drops constantly i changed vip servers and payloads same thing

Iā€™m reinstalling kali to make sure itā€™s not my goofy VM settings.

Iā€™m on the final step for root, Iā€™ve even tried other peopleā€™s exact solutions after mine has failed to work, but I just canā€™t get it to work :confused:

Iā€™m in the US with VIP and havenā€™t had any general problems with the box. I think I made SQL crash once, but aside from that I havenā€™t had any problems aside from my general ineptitude on getting a shell to pop.

I know my experiences donā€™t mean you arenā€™t having problems, just wanted to throw out there that it might not be the box, or at least itā€™s not a universal issue.