Remote

18911131430

Comments

  • Could you anyone help me, I'm able to ping my machine using POC , but nothing works to upload the file to get reverse shell.

    I tried powershell and copy as well

  • edited March 26

    ..

  • @bharathacker if you have the POC pinging back to you try getting it to request a file from your webserver. Once done that find out how to get it to download and execute what it downloads.
    You may need to google how to escape special characters depending on how you do it. That wasted an hour for me

  • edited March 27

    Type your comment> @Meatex said:

    I am in the same boat as xboxfreak54
    Confirmed RCE with ping and got it do web requests and download files but any more complicated scripts are no go. Not sure where its storing downloaded files and tried downloading and then executing by running exploit with command to just run but no joy yet.

    How did you manage to get it doing web requests?! Could you please advise me (PM)

    EDIT: finally found my way through it and got user :smile:

  • Could someone help me with the exploit syntax? should we change url_l ** in from step 2 and url_x ** t from step 3 to avoid having the error VIEWSTATE = soup.find (id = "__ VIEWSTATE") ['value']; at line 54
    I have modified many times these fields but without sucess
    Thank you in advance

  • i have a problem with user.txt :pensive:

  • rooted using Remote thing, thanks my mates. wonder how people did with u********

    peek

  • @cybrscrp said:

    i have a problem with user.txt :pensive:

    Whats the problem?

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

  • When i loggin on the webpage page stay blank then says session time out ?

  • edited March 27

    Trying to root it using u****c, created a new user but the runas command password prompt disappears before I can type everything in and any reverse shell I've tried just isn't working. Any advice on how to get runas to work?

    E: Rooted! Just had to find the right syntax and stay local for shell! Going to try intended way now if this was the unintended way

  • @TombBuster said:

    Trying to root it using u****c, created a new user but the runas command password prompt disappears before I can type everything in and any reverse shell I've tried just isn't working. Any advice on how to get runas to work?

    Try something else - you dont need to create a user then runas for this path.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

  • i rooted using u****c. now i am trying to use the tv remote but i'm having problems there finding the right channel. not sure if I just dont now how to exactly use it. can someone pm me please and I will explain what I tried so far. thx

    zaphoxx

  • Having issues running a certain module on the system to enumerate and get to root, if anyone can help me out please hit me up :)

    MrHyde

  • rooted this box, thanks everyone for the hints and DMs, pm me if you need nudges.

  • Fun box @mrb3n ! But the lag is very annoying

  • rooted pm for hints :)

  • edited March 26

    rooted. Thanks @foxlox and @TazWake for the clarification.

    MrHyde

  • Can anybody help with creds?
    Can't find anythings after mount!!

    Arrexel
    Ask for hints only please and give +1 respect if you like my hints. Thank you

  • @killerhold said:

    Can anybody help with creds?
    Can't find anythings after mount!!

    Strings is helpful.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

  • Type your comment> @TazWake said:

    @killerhold said:

    Can anybody help with creds?
    Can't find anythings after mount!!

    Strings is helpful.

    Thanks :wink:

    Arrexel
    Ask for hints only please and give +1 respect if you like my hints. Thank you

  • edited March 26

    Just started this box and the web server (port 80) looks broken (down) at the moment. "Server Error in '/' Application." And my reset requests have been canceled. Anything useful I need to find on the main website? Ive found /Umbraco which is working though...

    Supremacy

  • Got root with the vuln but can someone help me with the TV way ?
    PM me if you're stuck.

  • edited March 26

    Rooted, but if someone can PM me the TV way as well since I think that's the intended way...

    MrHyde

  • Please stop resetting the box every 5 minutes, this is getting ridiculous.

  • edited March 26

    Rooted, PM for hints
    I used the U*******C to get root, please let me know the other way to get root

  • edited March 26

    Got brain damage on user payload.

    C:\Windows\system32>whoami
    whoami
    nt authority\system
    

    Hack The Box

  • Is anyone else having issues getting the U****c to open a connection back while running the abusive command? It says it has completed but I am not getting a root shell.

  • edited March 26

    Finally rooted. User part was hard for me, i got help for user part. Root's part was easy but took some time :wink:

    User Hint: Look ports and search services. When you find a some creds think easy what you can do, then maybe you need to change somethings for get a shell.

    Root Hint: Look what services are running. When you find it, google is your helper. How it can be exploit?

  • edited March 27

    Spoiler Removed

  • Root, TY @zaqqaza5

    Arrexel
    CCNA, CCNA SEC, SEC+

Sign In to comment.