ServMon

nice box
thank you @dmw0ng.

Oops! Said too much?!
Rooted

Team,

I have user.txt and working rather diligently on root. I have the password for the ++ service, however, I have absolutely no clue where to go next. Any advice would be fabutastic. Also, I am getting that 403 under https!

Not all details are properly documented in the CVE, there’s another way to do it without web gui. Read the docs.

Type your comment> @W4rF4ther said:

Team,

I have user.txt and working rather diligently on root. I have the password for the ++ service, however, I have absolutely no clue where to go next. Any advice would be fabutastic. Also, I am getting that 403 under https!

check the file you have ++ and you need to look through Tunnel vision

Finally rooted. Waited 2 days for less traffic to make the port forwarding work. But there was no need for that. Read the documentation clearly rather than following the CVE blindly. Box is unstable because people are killing it with resets. Pm for nudges
segf4ul7

just rooted. imo, all the tips were given already. for root: read API docs

Anyone able to ping me a tip for root? Got everything in place, just want to ensure its is correct and does work. Battling box resets and script removal here…

Got User … No idea What to do for root . Any nudge pls…

Anyone available for a little nudge? please?

Type your comment> @febinrev said:

Got User … No idea What to do for root . Any nudge pls…

You can find it by read the comments before or googling the application exploitation

Spoiler Removed

Stuck with user

  • lowest port allow anonymous, but no info there
  • got LFI but can’t find correct path to ++ creds
  • bruiting 80 port files won’t work properly so no info also

Any nudge please…

Do not waste your time with Web UI for root.

oh man, this box is suffering bzillion hosersss, cmon…

did any1 managed to get webUI work for root ?
getting 403 even after tunneling.
would appreciate help on pm

Hi,

I’ve not managed to find the P*******.txt file that the 2 documents mention on a service. I’ve looked for the ShP***6 directory but cannot manage to find that either. Any hints on where to look? Thanks.

Finally got root,
TIP: there is no need to go thru, just read the manual…
PM me for tips

Well that sucked. If I was the network admin in that company I would be pretty pissed off at having to use that interface.

The web UI path is pretty straightforward once you work out what you need to do - or there is the api which saves a bit of messing about - although I wouldn’t have understood the api without playing with the UI first.

Type your comment> @CyberMnemosyne said:

Well that sucked. If I was the network admin in that company I would be pretty pissed off at having to use that interface.

The web UI path is pretty straightforward once you work out what you need to do - or there is the api which saves a bit of messing about - although I wouldn’t have understood the api without playing with the UI first.

I could not get to UI it loads forever…