Remote

@qwas2zx9 said:

Hi, I am stuck on how I can locate where my upload is? Any nudges?

You can specify where it goes.

Type your comment> @TazWake said:

@qwas2zx9 said:

(Quote)
You can specify where it goes.

Thanks @TazWake. Got user.

Banging my head against a wall here… My POC script kept failing to run so I tried logging into the CMS to attempt it manually, however when I try to login I keep getting a session time out error. I’ve attempted to change my timezone to match the one on the machine hoping that would fix it… no luck, can anyone point me in the right direction? Thanks

Scratch that… got it working… >.>

I need help to start i have only found the pass hash but dont know any thing how to do it please someone pm me

right now i m in s…_b…s.
any nudges to proceed further…?

@sau123 said:

right now i m in s…_b…s.
any nudges to proceed further…?

Enumerate files. Some which may be in data format can still be read with head and strings.

Rooted with U****C way. Cool box learned lot of things. I struggled for user part because of timezone issue then change the server and it worked out ! thanks @pkaiser for giving nudge. Also would like to knw about TeleVision Way, pm if you got that way.

Pm if somebody need help, happy to help <3

Finally got user. I spent 2 days working on the script, 2 days!!! Just to find out I had it right all along the first time around but had some slashes going in the wrong direction. /facepalm. On to root

Nice and easy box.

User -
Check all the ports and it should lead to some interesting information. Think what are the important files you can check when you have tons of files around. Then you can extract some helpful information for it which is need for the RCE.

Root -
A really basic enumeration will show you the “Path”.

Nice machine, it has a OSCP touch

My hints:
user: verify all the ports and think about files. Then enumerate

Root: just typical enumeration will give you system. Maybe you will need some research to scalate about findings

Where would I get the username and password. anyone please help

well, i’m an idiot - got low priv user and thought i needed to privesc into another user for the flag…

Rooted! Got it using the US way. Would be interested in getting an idea of how the TV way works. Did some searches online but couldn’t find much to go about it that way. Would love a hint or idea for the sake of learning more.

If anyone needs a hint or a nudge feel free to message me what you’ve tried

think i’m stuck on root - wait, yes, stuck on root… been going down the path of using what is related to the name of the box and i think i have decrypted what i need to…
nudges welcome
update - not stuck anymore… silly me. holler if you need some helps
take care

edit: I think I realized what is going on with the password situation haha.

got root using the “intended” method. Thanks to @TazWake @dok72. If anyone needs a nudge, feel free to pm

Rooted.

Can someone PM me if i have the correct credentials.
I found them from the n*s but both usernames and the one password i found arent working even after a reset.
Also i get a error with the .py script.
Thanks

got user
need help with root
i think i found the REMOTE SERVICE but didnt find a way to exploit it

@Frodl said:

Can someone PM me if i have the correct credentials.
I found them from the n*s but both usernames and the one password i found arent working even after a reset.
Also i get a error with the .py script.
Thanks

If you got the password from the n*s, it should come with a user name which you can use to log into the portal and the hash format.

If you didn’t have to crack the password, you might have the wrong one.