Official Tabby Discussion

Wow, finally rooted!

The initial foothold drove me up a wall lol

Can’t really say anything that hasn’t been said here.
PM for nudges

Type your comment> @nothades said:

Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I’m struggling to transfer the 161*****.zp file to my local machine. Can’t use SimpleHSeer, so I’m really not sure how I’m supposed to take a crack at it.

If anyone could give me a nudge or a PM I’d really appreciate it

scp is a great thing to learn to use! :slight_smile:

Just got root. This was harder than some medium rated machines (or maybe its just me).
feel free to PM for nudges

rooted, took me about a week between user and root so hang in there! Happy to give nudges…

After bashing my head on a wall with the Travel box, this was a really nice one to work on. Foothold to Root after a working on it for few hours. Fun box!

OK… I literally wasted all day on the foothold for this box, even after I read the first few pages of this thread for hints… all the tips about “do more enumerating” did not help one bit. Even the pointers about the file location being written on the site somewhere didn’t help…

In the end, it was my browser that screwed me… so my nudge is… blank pages aren’t necessarily empty.

head-desk

Could anyone tell me how can I read the xml file to get credentials

@unmesh836 said:

Could anyone tell me how can I read the xml file to get credentials

Use a web browser and look at what it has sent you.

rooted! If anyone need help just DM
También en español :wink:

Type your comment> @TazWake said:

@unmesh836 said:

Could anyone tell me how can I read the xml file to get credentials

Use a web browser and look at what it has sent you.

Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?

Foothold: If you found initial vuln, take a look at something on the other port and enumerate. In kali you can find out the content of packet to fuzz with apt-file. If you found creds, google what founded roles give you, curl \ httpie \ ******-manager can help you to exploit in this situation.

User: take a look at some interesting file, you can bruteforce them. If it didn’t help you, think about how people are lazy.

Root: it is not necessary to use automatic scripts. Just enumerate manually. There is only one sploit for this missconfiguration in searchsploit :smile: Don’t overthing, try to find out more what your user can do on machine.

I found the T*****-.x with creds and could log into /H-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)

Type your comment> @JitB said:

I found the T*****-.x with creds and could log into /H-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)

This file contain roles besides login and password. Google what rights that roles give you

Type your comment> @blacViking said:

Type your comment> @chiefgreek said:

stuck on root…am following the instructions and trying to install the image but says no such file when its sitting there.

Update - got this after copying and pasting the script - there are issues with the searchsploit version

I have the same issue, can you pm me how did you resolve it

I think you should delete some symbols, it probably has been written on windows. Use dos2unix next time before transfering and executing.

Type your comment> @BugsBunny said:

Type your comment> @TazWake said:

@unmesh836 said:

Could anyone tell me how can I read the xml file to get credentials

Use a web browser and look at what it has sent you.

Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?

Look at page source code

@BugsBunny said:

Type your comment> @TazWake said:

@unmesh836 said:

Could anyone tell me how can I read the xml file to get credentials

Use a web browser and look at what it has sent you.

Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?

It is certainly more “In your face” if you use burp, but it’s only a single click away in a browser and if people aren’t checking things like that, they really should.

@NordeN said:

Type your comment> @BugsBunny said:

Type your comment> @TazWake said:

@unmesh836 said:

Could anyone tell me how can I read the xml file to get credentials

Use a web browser and look at what it has sent you.

Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?

Look at page source code


@TazWake said:

@BugsBunny said:

Type your comment> @TazWake said:

@unmesh836 said:

Could anyone tell me how can I read the xml file to get credentials

Use a web browser and look at what it has sent you.

Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?

It is certainly more “In your face” if you use burp, but it’s only a single click away in a browser and if people aren’t checking things like that, they really should.

Ahhh, thanks guys, didn’t realise I could see in page source as well,

the more you know…

:slight_smile:

Got foothold. Not sure how to move laterally, though…

I got root!

This was my first box that I did without any big walkthroughs.

My .02:

for foothold: the other comments here are GREAT.

for user: remember, things look different from the other side

for root: Don’t think outside the box, think outside the container.

Whomever reset the server just killed my foothold. Thanks.