Sense

Yeah, can someone also pm me, been stuck on this for days.

Finally finished the challenge.

When enumerating with tools like Dirbuster, keep the number of file extensions to the minimum!

Using too many extensions will make the scan longer which will likely cause you to cancel it and may cause the tool to miss the file if too many threads are being run. Keep it simple!

With regards to the default password people are trying to find. In the kindest way, use common sense! No wordlist or bruteforce is required.

Could someone possibly give me a clue and DM me the extension to look for? I have read all of the posts and tried many wordlists and extensions with no luck.

Thanks

@Pwdrkeg said:
Could someone possibly give me a clue and DM me the extension to look for? I have read all of the posts and tried many wordlists and extensions with no luck.

Thanks

Same here please, any directions?

i finally did this awful box. imho it requires more luck to get through first phase than know-how. this box reminds me of some bad CTFs on vulnhub.

you can PM me if you need some pain relief :wink:

Can anyone DM me and throw me a hint when it comes to the enumeration phase? Like others, I have tried DirBuster, WFUZZ, etc looking for multiple file extensions with no luck. Any hints would be highly appreciated.

It’s Ok for me. I’ve owned it ( user and root). Nice box wish can get you get crazy if you follow the white rabbit ( like I followed). That I could say, enumeration and search for how to connect to the admin panel ( a specific stuff) , then, exploit and that’s it :wink: I worked many hours to get this f***** credentials. Keep calm and that work.

@FlapJack Combined all of this discussion is just a one big spoiler. Ummm I don’t know if one could put anything else over here. Perhaps DM me if you are still stuck.

@Omnisec I was able to get it! Thank you for offering your assistance! Two boxes rooted and I am close to my third one!

How long is too long when dirbusting this machine?

I m frustrated. I need help if I am on the right track.

I got it. Oh no, realy? It s simple. PM me for help

can someone PM hint for this box?

feel free to PM me for those who are in trouble in this machine :tired_face:

Hi to all . I stuck after the login . I googled found exploits for this version but nothing is not working properly . found one the half working but have bugs in it so do I need to fix it or I am missing something or I need to google more . thank you in advance

these machine is a real pain in the )&)&_)*, every time it tries enum it crashed, but after you find what your looking for its real simple, thanks for the help

lol use the right word list and it’s rooted in about 5 minutes. FFS!!!

id did not have that luck, every time i run a tool in 3 minutes it failed has to reset the vm, ohh well good thing that is over

I got the file, but I’m struggling to understand something. Can someone that knows dirbuster well please PM me? I want to understand why I got the file by searching with a specific extension, but I did not get the same file when searching with an extended set of extensions (containing the correct one). I’ll provide details of extensions and the result set on PM.
Thanks!

whenever i brute force the machine, the web services die. Anyone faced the same problem?