Can I get some help with the key conversion? I copied it back but I don’t know how to get it into the right format for johns helper to make it readable for john. It tells me “invalid format”.
can anyone nudge me in the right direction? I have a low-priv shell on www-data and have been spending 4 hours going around in rabbit holes to no avail… No idea how to hop on to jy or ja or root. All the hints I see are enumerate enumerate enumerate, but I have no idea what I have not enumerated / enumerated but did not take note of. I found credentials of my** but I am not sure if it is of any use as well.
got low-priv shell, and can get interactive but I see theres no need for it. Could someone give me a little nudge in the way of what I need to enumerate with the original low priv shell in DMs? Thanks!
Lots of head banging at the beginning due to some less than effective enumeration on my part. In the end it was a lot of fun. Thanks to @chopper for the nudges and @dmw0ng for creating it!!
PM if you are stuck and need help, more than happy to help!!
I’m banging my head with this one! lol. I’ve got the www-data shell, been reading through config files for most of the morning but can I find the creds??? Grrrr.
I’m banging my head with this one! lol. I’ve got the www-data shell, been reading through config files for most of the morning but can I find the creds??? Grrrr.
Just start where you land. Look at the folders and see what they contain. One points to a different place which contains what you need to check for reuse.
I’m banging my head with this one! lol. I’ve got the www-data shell, been reading through config files for most of the morning but can I find the creds??? Grrrr.
Just start where you land. Look at the folders and see what they contain. One points to a different place which contains what you need to check for reuse.
Appreciate the nudge, but i’m pretty sure i’ve checked every file so must have missed it somewhere. I need to give my eyes a rest, they hurt from trawling config files. lol.
Anyone else find this box incredibly slow? Is the reason due to people brute forcing things they should not be, or is it just how it is? I can’t even type out commands in SSH w/out it locking up.
Appreciate the nudge, but i’m pretty sure i’ve checked every file so must have missed it somewhere. I need to give my eyes a rest, they hurt from trawling config files. lol.
It depends where you’ve been searching. A lot of people immediately hit the root folder and start checking around etc, opt etc. If you start closer to where you are, you might find it faster.
Appreciate the nudge, but i’m pretty sure i’ve checked every file so must have missed it somewhere. I need to give my eyes a rest, they hurt from trawling config files. lol.
It depends where you’ve been searching. A lot of people immediately hit the root folder and start checking around etc, opt etc. If you start closer to where you are, you might find it faster.
I found a weird password listed in a file, but doesn’t seem to work with any of the known users. So not sure it’s that or not. Starts with a g, three words?
I found a weird password listed in a file, but doesn’t seem to work with any of the known users. So not sure it’s that or not. Starts with a g, three words?
I dont think that is any use.
It is possible that someone has broken something on the box or thought it was funny to modify the password.
Drop me a DM and I can talk in a bit more detail about where you’ve looked.