Json

Can I get a quick PM about initial foothold? Keep getting subsequent errors with POCs.

aehm… ys******l and the bunch of parameter… too many quotes for the upload of a payload (trying to get root). Any suggestion?

fun ride after forest, straight forward box, no windows vm needed for ys******.
thx to @amra13579

Type your comment> @BadRain said:

aehm… ys******l and the bunch of parameter… too many quotes for the upload of a payload (trying to get root). Any suggestion?

update:
payload uploaded… but can’t run it! :frowning:

Very good machine, and I usually hate windows ones. I had fun with the user part.

so, whenever i log in after a 3 seconds booom they kick me out… there is block in signing in on their web? help with it… its very frustrated

Finally rooted.

For those of you struggling to get a payload to execute, the Stormtrooper is your friend. That’s where I was stuck for a lonnngggg time. The rest of what you need is in this thread.

got stuck for about 2 days on privesc chasing rabbit holes thanks to hashcat.

If anyone wants nudges P.M me :slight_smile:

Ok, got in as u******l… got a reverse shell… almost there…

Rooted

Quit interesting (and fast) machine.
Still dont know why my payload didnt work but thanks to @nullorzero for helping in debugging something we both didnt see

Rooted.

The most interesting thing, That I developed a python exploitation script to automate the process for initial shell.

really enjoyed. many thanks.

got meterpreter working, but can’t find the right exploit

please dm me if someone knows the way to root via the service, i used the vegetable way as well :smiley: thanks for all the help and @johndoe :smiley:

Hi there,
I am new to this forum, I picked this machine actually to learn something about JSON.
I spent most of the time trying understanding Angular and JWT*** and I’ve “decrypted” the js file. I used default creds.Any clue (web resources) on how to move on would be really much appriciated.

Thx a lot.

Hints for intended root access: F…a is not the only program using F** on the host.

I have rooted this machine using a kernel exploit but I am very interested if there is another way (lets say somekind of misconfig). Pm me please in case u know

Nice box, I wasn’t very familiar with this technique (user). Little tip, while developing the exploit, inspect traffic between machines and don’t just rely on what you see in the output. The errors may make you believe your code did not execute while it may have.

Okay so this is gonna be a really noob questions, but we all start somewhere. I have been banging my head against this machine from a kali VM. I get that its a Windows target, but with the category of this machine being Windows, does that mean you USE a windows machine to own the machine, or does that just designate what type of machine it is and you can use whatever OS you want to get the user/root?

Type your comment> @LycanByte said:

Okay so this is gonna be a really noob questions, but we all start somewhere. I have been banging my head against this machine from a kali VM. I get that its a Windows target, but with the category of this machine being Windows, does that mean you USE a windows machine to own the machine, or does that just designate what type of machine it is and you can use whatever OS you want to get the user/root?

Generally it is NOT necessary to use the same OS, but in this case you are worth using a Windows VM to do some “offline” tasks.

Can anyone pm me some reference for yso*****. N**.? Checked on google, most of the use cases are for java. I dont know how to apply it for. Net ASP