Finally rooted i got crazy with this box.
It’s not difficult but it’s unstable and the root part may tkae too long if you don’t find a way around. Be ready to die if you are not VIP lol
Congrats to the creator and thank you @c4ph00k for your valuable hint
Port forwarding is not required. And the WebUI is also not required. If you read the docs on the vulnerable service, you can do everything (for root) with 2 well-written curl commands.
I am so stuck on thisbox, I have so far done the nmap scan and that is it. I have also had a look at the FTP and seen two users with txt files but are struggling to get files due to spaces, I have also found the site on the ssl port. Anyone pm me to help?
I am so stuck on thisbox, I have so far done the nmap scan and that is it. I have also had a look at the FTP and seen two users with txt files but are struggling to get files due to spaces, I have also found the site on the ssl port. Anyone pm me to help?
try (get “xxx yyy.txt”) on ftp without parentheses
I am so stuck on thisbox, I have so far done the nmap scan and that is it.
Well, it’s a good way to start.
It’s a windows box so millions of ports are open but don’t let that put you off. Just work through the ports.
I have also had a look at the FTP and seen two users with txt files but are struggling to get files due to spaces,
Only one file has spaces. The other one shouldn’t be a problem.
When you have spaces, remember quotes exist.
I have also found the site on the ssl port.
If you mean port 443, this might be a bit misleading. Focus on 80 first. If you really look into this, you don’t actually need the text file with spaces.
Well I finally got root and I think I made that much harder than it needed to be. Oh and whoever changed the user hash on the box…naughty, naughty. No Christmas card for you.
It is true that the GUI is a pain but let’s be honest you are here to learn tricks, so go for the API. Reading a bit of doc about a new service, and finding the efficient way to get stuff done is what pentesting is all about…