can anyone give me a hint on getting the admin page? I can create the admin@ user without the “user exists” using the trick, but still can’t log in. Even altering the sess ID.
If you’ve created the admin@ user and you cant log in to the admin portal with the credentials you gave the account, one of two things is likely:
you haven’t created the user correctly.
someone else has attacked at the same time as you and changed the credentials before you used them
You shouldn’t have to mess with session IDs, largely because until you’ve logged in to the admin portal with valid admin creds, you don’t have an admin session ID.
I think I’m doing everything right to get information to leak, but it isn’t working - even on a freshly reset box. Can anyone give me a sanity check? Thanks!
Sanity Check Please LOL!! I have done the process too many times to count, i have a great article that speaks to the exact same of attack…dont want to spoil anything please pm me!!
Soooo i can get in the admin portal…but seems the password that let me in on the admin portal wont work for the regular access…is this because some changed it that fast? I am on VIP and this box is older… wouldnt think that would be the case
ok just slap me and tell me to stop being impatient got user…on to root
I’ve learnt a lot especially for the user part! I got stuck on root for a while though but rooted it anyway! Thanks @MrR3boot for the learning experience!
note: i spend about 4 hour on root exploit because ı forget to give permission something, its not hint but i hope no one make same mistake really stressful 4 hour
Guys, I cant get lr*** to trigger… It was working and suddenly stopped working…
I am doing same exact thing as i did when it got triggered… anybody faced similar issue?
I’m stuck on the root… can any body give tips about it?
I can’t start reverse shell my host unavailable from book.htd and I try use lo*****e and it doesn’t work