So I’m working on #8, skipping #6 and #7 for the moment.
For this, I found that the publicly accessible port gives me some information, but I can’t seem to find a method to extract the exact info I need.
I thought it might be useful to connect to a different port (*200), but this one is only accessible to localhost. So I need to do some forwarding.
Could someone help me with the command I’m running via what I found in #5?
I’m trying to get it to work using s***t
Pesky 504’s are killing me
EDIT: looks like I might have to do Overflow first?
EDIT: finished Overflow, but still having issues
So like many people that have posted here I have used dig in every configuration that I can think of and have still had no luck. If someone could provide a helping hand it would be most appreciated. Please PM me.
ok I think I am nearly there with overflow however I am unable to get my code working.
I am still for the life of me can’t get a reverse shell on to jet, tried netcat, socat and whichever.
for overflow, I am running using burp with socat however, failing.
so it took me over 2 days to get my head around buffer overflows and with help from @FlatMarsSociet and @EvilT0r13
I have had good success with other parts however, I am now stuck with following three
Elasticity
Member Manager
Memo - i have a rough idea of what that is
So like many people that have posted here I have used dig in every configuration that I can think of and have still had no luck. If someone could provide a helping hand it would be most appreciated. Please PM me.
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Huh?
roo@kali:~/hack_the_box/machines$ nc -nvlp 8081
listening on [any] 8081 …
connect to [10.13.14.11] from (UNKNOWN) [10.13.37.10] 36820
bash: cannot set terminal process group (1304): Inappropriate ioctl for device
bash: no job control in this shell
www-data@jet:~/REDACTED$
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Huh?
roo@kali:~/hack_the_box/machines$ nc -nvlp 8081
listening on [any] 8081 …
connect to [10.13.14.11] from (UNKNOWN) [10.13.37.10] 36820
bash: cannot set terminal process group (1304): Inappropriate ioctl for device
bash: no job control in this shell
www-data@jet:~/REDACTED$
It’s not because you can, that you really need to.
Sometimes people get stuck looking for a way to get a revshell, while everything they need is right in from of them
unable to get a reverse shell from web … any nudges pls ?
Nobody says you’re supposed to get a revshell
Huh?
roo@kali:~/hack_the_box/machines$ nc -nvlp 8081
listening on [any] 8081 …
connect to [10.13.14.11] from (UNKNOWN) [10.13.37.10] 36820
bash: cannot set terminal process group (1304): Inappropriate ioctl for device
bash: no job control in this shell
www-data@jet:~/REDACTED$
It’s not because you can, that you really need to.
Sometimes people get stuck looking for a way to get a revshell, while everything they need is right in from of them
That’s fair. In this case, a revshell provided no more towards the objective than was already available. A ‘distraction’, as you say.
Got some JSON output for elasticity but not sure if the content is supposed to serve as a hint. Stuck on elasticity like most people on the forum apparently…