NIbbles

Need help with the SQLi

@dvnv same here

How can I find the default user and password? I stuck here for a week :anguished:

For those that saw “unable to resolve host Nibbles: Connection timed out” when running a command, you can ignore it. The command still runs but thows the warning because the hostname is Nibbles, and the hosts file is missing that entry.

Hi,
Im new here and its great - something new for me. I hve question about pwd - I was lucky and found username/password combination. It’s there some other way to find that combination or just guessing? I want an answer only with yes/no. Thanks.

@blackangel said:
Hi,
Im new here and its great - something new for me. I hve question about pwd - I was lucky and found username/password combination. It’s there some other way to find that combination or just guessing? I want an answer only with yes/no. Thanks.

Not to my knowledge, but this kind of login combo is a recurring theme on this site :slight_smile:

Great, thank you.

Hi all, i got the user, but can’t have the root. can someone help me pls ?

Hey for those that have been struggling with the login credentials.

If you run the tool cewl to generate the password list from http:///nibbleblog/, then cleanup the data (remove things that are obviously not going to be the passwords). Take the remaining data and convert string to upper and lower case. You should be able to find the password. The login credentials can easily be found by enumerating sub directories using your favorite tools for finding content (burp spider worked for me) and searching the files for clues.

Note, it looks like people are changing the password periodically, so if the password doesn’t hit. Maybe a reset on the box is needed if you don’t find it during your first pass.

I hope this helps anyone that is still struggling with this box.

Regards,
DJ

pm me if u want help, but for anyone looking for root, upload and run linenum.sh as usual, maybe it turns up somin fishy?. Also, make use of the what u got :slight_smile:

Having issues still, got the user.txt. I tried to enumerate and look at cronjobs and permissions for running commands. Am I on the right track looking for commands I can run? I already got a shell out of the box but cant get root or admin access. So with an unprivileged account is looking at file directories in detail a good approach?

@“HeiGou黑狗” said:
Having issues still, got the user.txt. I tried to enumerate and look at cronjobs and permissions for running commands. Am I on the right track looking for commands I can run? I already got a shell out of the box but cant get root or admin access. So with an unprivileged account is looking at file directories in detail a good approach?

i would say ‘enumerate enumerate enumerate’, but that always pisses me off xD, try and find a file maybe, which can pop as root? pm for more info

Spoiler Removed - Arrexel

oh , i did it, but i’am stuck to getting the root ./ any hint ?

@Ju577Ry explore the file system, see if you can find anything interesting to run. (PM me if you want less subtlety)

Reading the thread so far i’ve got the user but not able to move any further.?Tried linuxEnum.sh but says command not found it is my first box any hints where should i be looking? Found personal.zip but dunno what to do with it…

@Megaman said:
Reading the thread so far i’ve got the user but not able to move any further.?Tried linuxEnum.sh but says command not found it is my first box any hints where should i be looking? Found personal.zip but dunno what to do with it…

LinEnum is a script, you can get it from github https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh

If you’ve found a zip file you think is interesting, extract it , look at all the files in there, are they executable, what do they do, what permissions do they have?

my first machine, two questions: first, I got the creds and found the files root.txt and user.txt, but they are empty (0 byte of size). I uploaded the LinEnum.sh file but I can’t execute it. I think I misunderstood how to get the root… second: Why my profile shows that I didn’t get a user if I cracked the creds? what is the user flag?

@ipbsec said:

@Megaman said:
Reading the thread so far i’ve got the user but not able to move any further.?Tried linuxEnum.sh but says command not found it is my first box any hints where should i be looking? Found personal.zip but dunno what to do with it…

LinEnum is a script, you can get it from github https://github.com/rebootuser/LinEnum/blob/master/LinEnum.sh

If you’ve found a zip file you think is interesting, extract it , look at all the files in there, are they executyable, what do they do, what permissions do they have?

Thanks for the hint @ipbsec Just rooted yesterday :slight_smile:

Enumerate more for priv esc and this article from g0tmi1k is awesome I suggest you read it