@initinfosec said:
Type your comment> @termtype said:Got low-priv shell user - all I can say is think about what you can do with the discovered creds and pay close attention to the roles specifically. You can basically achieve the same thing with manager-script (via Curl) as you could with manager-gui to upload your rev shell; Google is your friend. Hope this helps a bit.
I’ll repost once I get the big fish - root!eZ shout Outz to zer0bubble, Rocketeer, Sloth1985, and 6h4ack for being awesome h4x0r’s and the help to get to where I am.
mind if we DM? - could use a quick nudge, been stuck for a few days (see posts just above yours.) Have an idea where i think it should be but I’m either slightly off or don’t have perms for that certain file. Trying to think how to get around that or what i’m missing.
NVM i think I finally made some progress - attention to details and other variants help!
ETA - i may have spoke too soon lol