Type your comment> @Jalaj said:
Please stop Resetting the box again & again
to quote @Rocketeer … you can’t tell me what to do and not to do on this forum.
hope that just put things into context…
Type your comment> @Jalaj said:
Please stop Resetting the box again & again
hope that just put things into context…
Type your comment> @zer0bubble said:
Type your comment> @Jalaj said:
Please stop Resetting the box again & again
to quote @Rocketeer … you can’t tell me what to do and not to do on this forum.
hope that just put things into context…
What do you mean?
L** can lead to any RCE? I guess no.
you just seem quite obtuse by getting argumentative on an internet forum. its silly. He has a valid point. 10 users 3 roots in 2 hours and peopel were begging for hints at the 60 minute mark. You have a valid point that people will do what they want. - the example is asking people for hints ( mirrored as please stop resetting the box) the answer is try harder or any other response. (mirrored, i will reset the box if i want because it is my choice to do that).
Its a self licking icecream cone of internet tom-foolery
Spoiler Removed
how do i blindly enumerate the L**? seems like standard directories wont work…
@Zoinks sick spoilers bro
Type your comment> @Hyperspoke said:
@Zoinks sick spoilers bro
yeah… a bit too much spoilers…
Report it IMMEDIATLY!
Sorry bout that, tried to edit and replace characters with * but was already deleted
wait, they really deleted that? it said literally nothing!
Last login: Wed Jun 17 21:58:30 2020 from 10.10.14.2
root@tabby:~# id && hostname
uid=0(root) gid=0(root) groups=0(root)
tabby
root@tabby:~#
Rooted, fun box.
Wow… Running out of ideas on this one! HTB easy boxes always surprise me LOL
I have l**, I have some users, I have another service running on another port.
The conventional attacks related to l** are not working…
I tried bruteforce with small wordlists, nothing. but, well … bruteforce is never intended so…
I must be forgetting something. Any good souls to give me a little push?
Type your comment> @ferreirasc said:
Wow… Running out of ideas on this one! HTB easy boxes always surprise me LOL
I have l**, I have some users, I have another service running on another port.
The conventional attacks related to l** are not working…
I tried bruteforce with small wordlists, nothing. but, well … bruteforce is never intended so…
I must be forgetting something. Any good souls to give me a little push?
In the same boat. Read extensively on certain documentation in hopes to leverage information. Nothing. Not sure where I can go from here…
Edit: A tiny nudge in the right direction wouldn’t go amiss. :>
Well I’m pretty well stumped. I’ve been unable to get even a user or exploit anything on this server.
L** is there - user guess is ok with 1000 under ***d - a, tried locating *-.xml but not able to find data for login … is it the correct path?
Type your comment> @x03 said:
L** is there - user guess is ok with 1000 under ***d - a, tried locating *-.xml but not able to find data for login … is it the correct path?
I am trying the same, so at least you’re not alone in your thinking.
Type your comment> @x03 said:
L** is there - user guess is ok with 1000 under ***d - a, tried locating *-.xml but not able to find data for login … is it the correct path?
same here. was able to get some information about the exact location of where it’s running from, but no success on the -.x*
Type your comment> @Dviros said:
Type your comment> @x03 said:
L** is there - user guess is ok with 1000 under ***d - a, tried locating *-.xml but not able to find data for login … is it the correct path?
same here. was able to get some information about the exact location of where it’s running from, but no success on the -.x*
finally got it. now i’m trying to start something but for now it fails
Finally moved past the part I was stuck on for ages, which most of you are/will be…
What you’re seeking isn’t in a well-known place…