Low privelige shell got, let’s see what’s next…
Type your comment> @trollzorftw said:
Type your comment> @UrielY said:
The exploit on r***s should work?
Yes
what if it doesn’t? no session was created
Type your comment> @rowra said:
Type your comment> @trollzorftw said:
Type your comment> @UrielY said:
The exploit on r***s should work?
Yes
what if it doesn’t? no session was created
You should play a bit with the CLI and realize that you need to edit your script a little
@trollzorftw said:
Type your comment> @rowra said:
Type your comment> @trollzorftw said:
Type your comment> @UrielY said:
The exploit on r***s should work?
Yes
what if it doesn’t? no session was created
You should play a bit with the CLI and realize that you need to edit your script a little
I used r***s
to get a shell as the user r***s,
can I use a script to get a higher privelige user or does it lead to the same shell?
Type your comment> @clubby789 said:
@trollzorftw said:
Type your comment> @rowra said:
Type your comment> @trollzorftw said:
Type your comment> @UrielY said:
The exploit on r***s should work?
Yes
what if it doesn’t? no session was created
You should play a bit with the CLI and realize that you need to edit your script a little
I used
r***s
to get a shell as the userr***s,
can I use a script to get a higher privelige user or does it lead to the same shell?
I had the same idea, but I can’t access the higher privilege user folder, im getting permission denied.
R***s service cli look > @rowra said:
Type your comment> @trollzorftw said:
Type your comment> @UrielY said:
The exploit on r***s should work?
Yes
what if it doesn’t? no session was created
I used tnet and ncat working fine with me.
but the command syntax for listing directory annoying little bit.
Found W***** but cant seem to find the r***** that some have mentioned. A hint would be welcome.
Type your comment> @ZeWanderer said:
Found W***** but cant seem to find the r***** that some have mentioned. A hint would be welcome.
Scan again, and scan ALL
@trollzorftw said:
@ZeWanderer said:
Found W***** but cant seem to find the r***** that some have mentioned. A hint would be welcome.Scan again, and scan ALL
I thought of doing that, however it seems like because of the amount of people doing that, seems to be essentially DDoSing the machines, should we just keep cancelling the resets in shoutbox?
im completely stuck. Both the exploits i thought to work dont work either cause i cant config it right, or i just dont understand it…
I found rs and w*n but dont have any sort of clue how to use em
Same - got low privs shell - kinda lost on whats next - still enumerating…
Type your comment> @j3wker said:
Same - got low privs shell - kinda lost on whats next - still enumerating…
How did you get low priv shell? My R***** and W***** exploits keep failing
Rooted. A tad CTF-like, but pretty fun.
Foothold: Scan everything. The next step is well documented.
User: Enumeration scripts should find it, you won’t have to go too deep.
Root: You might have seen a method you couldn’t have used earlier, you can now.
Ok so slight update:
One exploit i tried apparently worked, but…theres no session that was created
Type your comment> @ZeWanderer said:
Type your comment> @j3wker said:
Same - got low privs shell - kinda lost on whats next - still enumerating…
How did you get low priv shell? My R***** and W***** exploits keep failing
I’d like to know as well…nothing I normally do with r***s in the wild is working for me.
Type your comment> @MonocleHat said:
Ok so slight update:
One exploit i tried apparently worked, but…theres no session that was created
haha me too, i got a little excited when i saw the exploit going green, then showing a “no session created” kinda bummed me out xD
We shall try harder
Type your comment> @Crashie said:
Type your comment> @MonocleHat said:
Ok so slight update:
One exploit i tried apparently worked, but…theres no session that was createdhaha me too, i got a little excited when i saw the exploit going green, then showing a “no session created” kinda bummed me out xD
We shall try harder
I need another box to rank up ;-;
Type your comment> @MonocleHat said:
Type your comment> @Crashie said:
Type your comment> @MonocleHat said:
Ok so slight update:
One exploit i tried apparently worked, but…theres no session that was createdhaha me too, i got a little excited when i saw the exploit going green, then showing a “no session created” kinda bummed me out xD
We shall try harder
I need another box to rank up ;-;
■■■ me too (i think), but try harder :')
Stats: 0:46:53 elapsed; 0 hosts completed (1 up), 1 undergoing SYN Stealth Scan
SYN Stealth Scan Timing: About 3.45% done; ETC: 16:03 (21:52:21 remaining)
It’s just insane. a little nudge that will help to narrow down port list will be greatly appreciated