Pretty much stuck after establishing a t*****. Tried various combinations of the leaked creds to access the internal service but none of them work. I’d appreciate a nudge
EDIT:
User:
The key thing is to use the right wordlist and properly enumerate all directories, otherwise you’ll be going down the many rabbit holes this box has. It should be obvious once you found it. From then on google it and you’re well on your way!
Root:
As some others mentioned, the devil is in the details. It’s a very common privesc attack but with a twist, so don’t give up right away, pay attention and you’ll find the right path…
Got the Ad****r lo**n but unable to get in with the creds found. Also looked for exploits :s
Anyone pls who can PM me if this is the right track or another rabbithole?
Pretty much stuck after establishing a t*****. Tried various combinations of the leaked creds to access the internal service but none of them work. I’d appreciate a nudge
I am stuck at the same part, just wondering how to get past that.
tried all combinations of creds too.
Is a****_**. with all that numbers thing a rabbit hole?
Found a lot of creds and got the dump and the tar file but cant find a place to use them to get a shell
Is a****_. with all that numbers thing a rabbit hole?
Found a lot of creds and got the dump and the tar file but cant find a place to use them to get a shell
I wonder if actually everything inside the uy-s*** folder is a rabbit hole.
Is a****_. with all that numbers thing a rabbit hole?
Found a lot of creds and got the dump and the tar file but cant find a place to use them to get a shell
I wonder if actually everything inside the uy-s*** folder is a rabbit hole.
I personally think we can get some hints from that folder that would aid us into later steps.
1- There is absolutely no guesswork involved.
2- For user, attention to detail is key here. There are quite a few clues that should save you time.
3- It is meant to be an easy box. Think basics.
4- For root, the devil is also in the details.
Pretty much stuck after establishing a t*****. Tried various combinations of the leaked creds to access the internal service but none of them work. I’d appreciate a nudge
Rooted. Now, that was fun. Lots of enum, but still pretty straight-forward. Especially loved the root part. Thank you @polarbearer and @GibParadox for that nice machine
Just wondering why there are so many users on the system.
@HomeSen said:
Rooted. Now, that was fun. Lots of enum, but still pretty straight-forward. Especially loved the root part. Thank you @polarbearer and @GibParadox for that nice machine
Just wondering why there are so many users on the system.
Because the “box owner” has good intentions, but poor execution