ServMon

Spoiler Removed

Type your comment> @spasimir21 said:

Type your comment> @ls4cfk said:

Type your comment> @spasimir21 said:

Got 7 possible creds, tried all of them in the login portal with usernames an, Nn, N***e, but no luck :(. Any help?

What ports are open?

21, 22, 135, 139, 445, 80, 5666, 6699 - currently running full port SYN scan

You’re already missing at least one that a regular nmap should have picked up.

@spasimir21 He meant, can you use the credentials elsewhere instead of the login portal??

Type your comment> @hammerzeit said:

Type your comment> @spasimir21 said:

Type your comment> @ls4cfk said:

Type your comment> @spasimir21 said:

Got 7 possible creds, tried all of them in the login portal with usernames an, Nn, N***e, but no luck :(. Any help?

What ports are open?

21, 22, 135, 139, 445, 80, 5666, 6699 - currently running full port SYN scan

You’re already missing at least one that a regular nmap should have picked up.

Full scan finished and the new ones are - 5040, 6063, 7680, 49664, 49665, 49666, 49667, 49668, 49669, 49670

Spoiler Removed

Really who had the great idea to make a box with a exploit that needs a reboot???
And even if u don’t need to many will still follow the exploit step by step.
This is just asking for trouble.

Got user! Pretty easy…
Root is really challenging :neutral:

c:\user\administrator>whoami
whoami
nt authority\system

I really like this box ! Despite its simplicity, manage to learn something very usefull !

You guys are harsh with the rating

Type your comment> @madhack said:

Really who had the great idea to make a box with a exploit that needs a reboot???
And even if u don’t need to many will still follow the exploit step by step.
This is just asking for trouble.

Someone made it, but someone accepted it too…

Nice box for a few hours, easiest on here…just wish people wouldn’t change the flags

Type your comment> @dafish73113 said:

could someone help me with what the username is for the login portal on port 80 is? i have the password for it from the N*****t files

i think it’s not necessary :sweat_smile:

■■■ thanks yeah wrong area WOOPS. loving the broken webpages tho, and the error 403 even tho i just double checked the password :)))))))

Spoiler Removed

Type your comment> @interlight said:

Hey,

I have the passwords too, but I don’t know where to use theses…

I tryied FTP, SMB and HTTP, no one let me in.

Could someone give me some help ? :smile:

Which other service can use those creds

It’s really sad to know that there are people who are not familiar with ssh and its powerful features, this is part of the bases for being a good pentester.

It is very sad even when a number of 8 out of 10 people who ask for the solution, rather than a little help.

foxlox
for nudges on discord foxlox#1089
please don’t ask for solutions but little hints

Type your comment> @foxlox said:

It’s really sad to know that there are people who are not familiar with ssh and its powerful features, this is part of the bases for being a good pentester.

It is very sad even when a number of 8 out of 10 people who ask for the solution, rather than a little help.

foxlox
for nudges on discord foxlox#1089
please don’t ask solutions but little hints

Couldn’t agree more!

hmmm, whenever I try to tunnel to some web page to be of an allowed host, I get a PR_END_OF_FILE_ERROR in my browser.
Can anyone give me a hint on whether I’m on the right track to root, and if I do something stupidly wrong with my tunneling?

stuck at foothold feel dumb dont know ■■■■ on windows, could use some help !

I just started this box today, and I have to ask already. Is it unstable?

I keep losing visibility of the website. Checking the shoutbox, it isn’t due to restarts.

Is the webserver being messed with?

Edit: NM - Just read that there is a reset function available within the webapp. Thanks @DarkCoderSc

Got the user very easily

I know what I have to do for root, but cannot get stable connection with ++.
Does anyone know why its happening.

Maybe I am using Free server? or something else