Postman

Spoiler Removed

managed to get root, thanks @MrPennybag and @sqw3Egl for the nudge on foothold!

Looking for some help, I can’t get john to crack i*_*.b
used ***2john.py and rockyou and still nothing.

Type your comment> @strix553 said:

Looking for some help, I can’t get john to crack i*_*.b
used ***2john.py and rockyou and still nothing.

Same :frowning:
edit: just my curly hands thx @bumika & rooted

Interesting. PM me, and I try to help you.

Hi guys, someone can give me some hints about the initial user enumaration? I’m on the right way (i guess) but i can’t figure out how to find the right user to exploit the r**** shell.

Could anyone help me with Postman machine ?
In the begining…I’m stucked with Webmin page, and i don’t know what i need to didIf you can’t understand me, could you talk me ?
I’m brazilian, and i don’t wanna use translate. I need traine my english and my hacking skills LOL

Well that was embarrassing, trying to open a door with the key the wrong way around - ■■■■!

User + Root = Root Dance!!!

Shout out to @dnperfors for the nudge - thank you.

Can someone PM ME?

I am trying to ssh as the user after using john successfully. I keep getting connection closed by xxx port 22. Is this normal?

Type your comment> @Reigada said:

Can someone PM ME?

I am trying to ssh as the user after using john successfully. I keep getting connection closed by xxx port 22. Is this normal?

Check the content of sshd_config.

Mmkay. I need a nudge. I have found the ports and services I should be looking at. Found the webmin page. I can connect using r****-c** to the appropriate port. It seems to make this particular exploit work I would need a valid username.

So I think that’s where I am failing. Can I assume I need to enumerate further to uncover this information? If so (or not) would someone mind giving me a push in the direction.

Thanks!

Hello anyone can give me a nudge! already got the shell via r*** and i’m sure i have to find a .ba* file but i don’t know where to search for that.

Anyone else finding/found this box really tempremental?..Exact same process sometimes successful and sometimes not…or is it just me?

Type your comment> @ByteM3 said:

Anyone else finding/found this box really tempremental?..Exact same process sometimes successful and sometimes not…or is it just me?

if your talking abt getting into r**** . its because everyone is running the exact same script and overwriting everyone else using that script.

anyone can help me with root?

@pjnrodrigues said:
anyone can help me with root?

Machine is rated with CVE
Why dont u find one??

Type your comment> @pjnrodrigues said:

anyone can help me with root?

IF you find your first approach looking at the middle ages… try to listen and LEARN what the elders have to tell you…

Spoiler Removed

I think I need a nudge… I ran Nikto, scanned all for nmap. Found the post man login page. I attempted to use r***s however whenever i try to set the keys in the db i get a permissions denied error. I am at a loss now.

Really great box, rooted it and me and a friend sat down and wrote up a way to exploit wn without using m***t. Just b and mv needed (with a valid login ofc). My first ever submission to the exploit-db and we’re really happy it worked!