I’m stuck at the www-data shell. I’ve tried ls and cat and everything but I can’t find anything of interest (except passwd file).
Finding the user accounts is a useful thing.
I’ve being trying to cd to different directories in the www-data shell, but whenever I pwd, it always prints the same directory /opt/ona/www. is this supposed to happen?
Yes, this is exactly what should happen if you are using a remote code execution (RCE) exploit. Every time you issue a command it is a new exploit. This is not a shell, so you cant change directory.
But there is literally no reason to change directory.
Running: cd /tmp then ls is identical to running ls /tmp
Running cd /tmp then ls then cat interesting.file is identical to running cat /tmp/interesting.file.
Help please! Been stuck here for 4 hour
Look at the interesting files around where you have landed.
Hello guys, i have a problem. I have cracked the password of j***a but when i try to connect via ssh i can’t connect with that password. PS. i know that’s the correct password cause when i put it in the file with the prte key it accepts it.
Any help?
I’m stuck at the www-data shell. I’ve tried ls and cat and everything but I can’t find anything of interest (except passwd file).
Finding the user accounts is a useful thing.
I’ve being trying to cd to different directories in the www-data shell, but whenever I pwd, it always prints the same directory /opt/ona/www. is this supposed to happen?
Yes, this is exactly what should happen if you are using a remote code execution (RCE) exploit. Every time you issue a command it is a new exploit. This is not a shell, so you cant change directory.
But there is literally no reason to change directory.
Running: cd /tmp then ls is identical to running ls /tmp
Running cd /tmp then ls then cat interesting.file is identical to running cat /tmp/interesting.file.
Help please! Been stuck here for 4 hour
Look at the interesting files around where you have landed.
Hello, i have managed to get a reverse shell but i am now trying to ssh as one of the j*** users… when i try ssh j***@10.10.10.171 or ssh j***@openadmin.htb nothing works… any ideas/hints? (it still shows that i am w**-****
Rooted Openadmin today, nice and easy box. Took some time to get the c**l working, but eventually figured it out.
Learned something new today, thank you very much!
PM me if you need a hint (you should not, just take your time and read the forum, from page 1 to the end. You will find enough hints to get everything working).
I need help. I’m able to login in as w******a but when looking around for files I’ve only found a db password. Not sure if I’m supposed to be looking for something else.
Hello, i have managed to get a reverse shell but i am now trying to ssh as one of the j*** users… when i try ssh j***@10.10.10.171 or ssh j***@openadmin.htb nothing works… any ideas/hints? (it still shows that i am w**-****
Are you trying to SSH from your session on the box?
I need help. I’m able to login in as w******a but when looking around for files I’ve only found a db password. Not sure if I’m supposed to be looking for something else.
Scroll back a few pages - this has been asked many times.