Could anyone give me a hint please? I’m having trouble understanding the script. I’m just getting a $ and no command execution. I’m also not sure where to begin with manually doing it.
Could anyone give me a hint please? I’m having trouble understanding the script. I’m just getting a $ and no command execution. I’m also not sure where to begin with manually doing it.
Hard to tell what that script is and what it’s doing by name alone!?! > @s37h said:
I am proper stuck right now and I feel ashamed. I have the user creds for jy but cant find the password for j*a. I have a hash that I’m trying to crack with john, but its taking forever.
A solid nudge would be awesome.
You need to use Johns friend first, to get it in the right format, if you haven’t already done so.
I am proper stuck right now and I feel ashamed. I have the user creds for jy but cant find the password for j*a. I have a hash that I’m trying to crack with john, but its taking forever.
A solid nudge would be awesome.
If it is just a hash you found in a file, you dont always need to crack it - there are ways you can bypass the step which checks for it, before it gives you the thing you need.
If it is a key rather than a hash, @CuriousJ gave you the perfect advice.
OK, so yesterday I spent around 4 hours trawling through files trying to find creds for User2. I had to give up and go to bed.
I just woke up and got the J***y ssh again to find a whole bunch of files that weren’t there last night. so I got root flag but I’m sure it is an unintended way cause the file was named strangely. still stuck on getting
Rooted finally after baging my head on root for a while.
Almost every hint is already given here in the forum (thanks to everybody!) but again: it’s sometimes so obvious that it get’s overlooked. I didn’t thought that some escalation pathes may have some parameters that are already given as well. It’s easy to execute but you have to read carefully.
I get the message
“[] Command Stager progress - 100.14% done (705/704 bytes)
[] Exploit completed, but no session was created.” if I try to create the meterpreter session… also tried different payloads, same error, any suggestion?
I get the message
“[] Command Stager progress - 100.14% done (705/704 bytes)
[] Exploit completed, but no session was created.” if I try to create the meterpreter session… also tried different payloads, same error, any suggestion?
The MSF one is far from perfect but it depends on the payload. If you use a non-staged one you might have better luck, but I found the bash script was much more effective.
I wish there weren’t so many box resets. I think I understand why it’s happening, but the low-hanging fruit from first pass of enumeration just isn’t there (not that I was able to see anyway) and results in trolling everyone else who is further along
I get the message
“[] Command Stager progress - 100.14% done (705/704 bytes)
[] Exploit completed, but no session was created.” if I try to create the meterpreter session… also tried different payloads, same error, any suggestion?
The MSF one is far from perfect but it depends on the payload. If you use a non-staged one you might have better luck, but I found the bash script was much more effective.
An example of a non-staged? I tried running the bash script and it didn’t work, I tried almost any payload for linux and it’s also not working, same error. (Also tried a simple reverse shell)
An example of a non-staged? I tried running the bash script and it didn’t work, I tried almost any payload for linux and it’s also not working, same error. (Also tried a simple reverse shell)
But to be clear, I never got MSF to work here. The bash script is much better.
The bash script is not a reverse shell, it is an RCE. Don’t be fooled by this, it is all that you need to get a foothold and find a user account. You dont need to generate the hassle of a reverse shell which will die every time someone resets the machine.
If the script and msf are generating the same error, the problem is likely to be how you are invoking it. I cant imagine the bash script is saying it cant send a stager though.
I understood that the bash script was a RCE, it didn’t work until now that I tried “sed -i -e ‘s/\r$//’ expl.sh” before executing it… Idk what that command does but I found it reading some comments here