Blunder

Any hints for login one

Spoiler Removed

Any hint for password

Spoiler Removed

found the CVE. Tried different wordlists to fuzz, wandered through js files ,still didn’t got anything useful!!! Nudges appreciated.

Rooted!

For small nudges DM me

most of the webpages are showing B**** , any nudge please

The Blt a* page should be bypassed using the br*e mi python script available online but its not working for me, i will give respect on your profile please dm me a nudge. And i have tried exploring all the files no luck there.

Got the CVE and using that the shell access, but how to go about escalating privilege???

rooted

fun box, admittedly i did need a nudge to get wordlist for login
rest was fairly simple

rooted. massively overlooked the obvious. Must remember easy boxes are EASY!

Spoiler Removed

Type your comment> @sidchn said:

The Blt a* page should be bypassed using the br*e mi python script available online but its not working for me, i will give respect on your profile please dm me a nudge. And i have tried exploring all the files no luck there.

The script must be adapted and you need to have the right user… and the right wordlist.

rooted. thanks to @bertalting

Rooted! (: Easy machine. Focused only on basics.
Login: Sometimes the webpage will give you everything you want. Also, you do have to fuzz.
User: Enumerate. You will find something at initial stage only.
Root: I don’t think any hints are required for root. It was seconds away after the user. Very easy. :smiley:

Any nudge for getting through the l***n page would be appreciated.

Type your comment> @choupit0 said:

Type your comment> @sidchn said:

The Blt a* page should be bypassed using the br*e mi python script available online but its not working for me, i will give respect on your profile please dm me a nudge. And i have tried exploring all the files no luck there.

The script must be adapted and you need to have the right user… and the right wordlist.

sounds Cool :slight_smile:

Type your comment> @choupit0 said:

The script must be adapted and you need to have the right user… and the right wordlist.

Do we get the right wordlist through guessing or some hint on the box?

Type your comment> @d3spis3d said:

Type your comment> @choupit0 said:

The script must be adapted and you need to have the right user… and the right wordlist.

Do we get the right wordlist through guessing or some hint on the box?

In front of you ?

i can’t even run a normal nmap scan, dirb is working with 10 words a minute. is it just the free server? is it more stable on premium?