Blunder

any hints on how to use that script for login page?

Type your comment> @liquidrage said:

any hints on how to use that script for login page?

the swiss key repo for the vuln

Any hints for the password ? I found a CVE but seems not working here

I’m stuck about the same way as several people. I find a lot of info enumerating but when it comes to a user/password to exploit, I’m not sure if the info I’ve already found is the hint.

Right now I’m just using bigger wordlists. :smile:

Any hints for login one

Spoiler Removed

Any hint for password

Spoiler Removed

found the CVE. Tried different wordlists to fuzz, wandered through js files ,still didn’t got anything useful!!! Nudges appreciated.

Rooted!

For small nudges DM me

most of the webpages are showing B**** , any nudge please

The Blt a* page should be bypassed using the br*e mi python script available online but its not working for me, i will give respect on your profile please dm me a nudge. And i have tried exploring all the files no luck there.

Got the CVE and using that the shell access, but how to go about escalating privilege???

rooted

fun box, admittedly i did need a nudge to get wordlist for login
rest was fairly simple

rooted. massively overlooked the obvious. Must remember easy boxes are EASY!

Spoiler Removed

Type your comment> @sidchn said:

The Blt a* page should be bypassed using the br*e mi python script available online but its not working for me, i will give respect on your profile please dm me a nudge. And i have tried exploring all the files no luck there.

The script must be adapted and you need to have the right user… and the right wordlist.

rooted. thanks to @bertalting

Rooted! (: Easy machine. Focused only on basics.
Login: Sometimes the webpage will give you everything you want. Also, you do have to fuzz.
User: Enumerate. You will find something at initial stage only.
Root: I don’t think any hints are required for root. It was seconds away after the user. Very easy. :smiley:

Any nudge for getting through the l***n page would be appreciated.