Traverxec

Spoiler Removed

I am not totally convinced it is the DDOS exploit which crashes the server.
I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
After two reset, still closed.
So i am not totally convinced it is just the DDOS.

Type your comment> @minimal0 said:

I am not totally convinced it is the DDOS exploit which crashes the server.
I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
After two reset, still closed.
So i am not totally convinced it is just the DDOS.

Same Here

For the fucks sake.
Read exploit descriptions before using them… fucking bastards.
Weird how /e****.ht** works thought

I got in and have credentials, but cannot use it until now…

Type your comment> @c1cada said:

Type your comment> @minimal0 said:

I am not totally convinced it is the DDOS exploit which crashes the server.
I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
After two reset, still closed.
So i am not totally convinced it is just the DDOS.

Same Here

Yep, I have switched vip servers, multiple resets, have not seen it open yet…

Type your comment> @Gboxx said:

I get User DD and Password N****e, ssh locally not working, su not working, any suggestions ?

thats the thing… don hv any login page too in the website

Spoiler Removed

Most probably a rabbit hole. They are way too in the open

anybody found a way to use creds? or just a simple rabbit hole?

God these creds for the user d***d but they seem to be useless

Type your comment> @minimal0 said:

I am not totally convinced it is the DDOS exploit which crashes the server.
I am on VIP and tried as soon as the box was release with nmap sT 10.10.10.165 and port 80 was closed.
After two reset, still closed.
So i am not totally convinced it is just the DDOS.

It was open for me though. Its weird hmmm

The port 80 being closed problem should be resolved. And don’t ever DoS on htb.

Type your comment> @Gboxx said:

Type your comment> @Shad0wQu35t said:

Type your comment> @Gboxx said:

I get User DD and Password N****e, ssh locally not working, su not working, any suggestions ?

thats the thing… don hv any login page too in the website

I think these credentials are troll :frowning:

No, they aren’t. Try harder

Type your comment> @olsv said:

Type your comment> @Gboxx said:

Type your comment> @Shad0wQu35t said:

Type your comment> @Gboxx said:

I get User DD and Password N****e, ssh locally not working, su not working, any suggestions ?

thats the thing… don hv any login page too in the website

I think these credentials are troll :frowning:

No, they aren’t. Try harder

Did you ever use them? If so, I am curious about that. I rooted it without ever using those credentials.

Type your comment> @trollzorftw said:

Type your comment> @olsv said:

Type your comment> @Gboxx said:

Type your comment> @Shad0wQu35t said:

Type your comment> @Gboxx said:

I get User DD and Password N****e, ssh locally not working, su not working, any suggestions ?

thats the thing… don hv any login page too in the website

I think these credentials are troll :frowning:

No, they aren’t. Try harder

Did you ever use them? If so, I am curious about that. I rooted it without ever using those credentials.

Yep. They eventually lead to D…

got user, root is hard, i’m still enumerating

Can I get a hint about how to start user without port 80 open?

Spoiler Removed

Got foothold and the credentials for the user, cant ssh or su to the user using the cracked credentials. Any hint on this one on how to escalate to user?