So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?
Did you get where to upload?
you found the hint have you tried looking up that hint?
So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?
Did you get where to upload?
you found the hint have you tried looking up that hint?
yeah
i already have the sn and wn ssh shells, still struggling with priv esc
So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?
Did you get where to upload?
you found the hint have you tried looking up that hint?
Yup I got it. But stuck at privilege escalation to r**t. Any hint?
How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?
How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?
The author has a collection of webshells. These are .PHP. you are attacking port 80. Maybe you can check for webshells already installed?
How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?
The author has a collection of webshells. These are .PHP. you are attacking port 80. Maybe you can check for webshells already installed?
also, whats this hype about OSINT in the discussions?!
(Quote)
also, whats this hype about OSINT in the discussions?!
It stands for Open source intelligence. It’s a very broad term to use. It is using any legal means of collecting information on a target. Think of it as being passive reconnaissance
why does it say my flag is incorrect even after resetting it?
The dynamic flags should change on each reset. It probably takes a few minutes after a reset for the flags to be working but I’ve no idea how it works on the backend.
If you have problems with this, you need to raise it with HTB via Jira so they can understand the scope of the problem. Jira Service Management
why does it say my flag is incorrect even after resetting it?
The dynamic flags should change on each reset. It probably takes a few minutes after a reset for the flags to be working but I’ve no idea how it works on the backend.
If you have problems with this, you need to raise it with HTB via Jira so they can understand the scope of the problem. Jira Service Management
How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?
The author has a collection of webshells. These are .PHP. you are attacking port 80. Maybe you can check for webshells already installed?
They are gone now as of the submission of this comment. Finally once i got an idea of how to approach after the OSINT, it’s gone.
Not sure what’s going on but that’s not cute, man lol. People need to stop ruining the fun.