Official Tabby Discussion

1101113151619

Comments

  • Good fun and a nice first box after a month away from my darling PC.

    Foothold: Install the software the easiest way possible. Then locate where the file you need is saved on your machine. Don't forget to check at the source if you think it's not working.

    User: Find a file owned by your target and brutalize that shit.

    Root: What are you a part of?

    skunk

    Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!

  • i tried to root wit the *** i build the *** without errors , upload to the server, but when i try to import i get Error: Unsupported compression

    someone to help on this?

    there is no place like 127.0.0.1
  • I need a hint.

    I have found a lot of information like the documentation etc. and even a field to l*g**

    And I did a lot of enumeration but can't seem to access or find the t****t file.

    Any hints would be appreciated.

  • Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.

    If anyone could give me a nudge or a PM I'd really appreciate it

  • If anyone needs hints, can hit my inbox.
  • Type your comment> @nothades said:

    Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.

    If anyone could give me a nudge or a PM I'd really appreciate it

    looks exactly which version of py****n is supported by the box and use the h*******er syntax for that particular version.

  • @knock23 thank you so much man, I can finally sleep

  • Type your comment> @nothades said:

    Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.

    If anyone could give me a nudge or a PM I'd really appreciate it

    Try using nc instead.

  • Rooted, Si alguien necesita ayuda al DM

  • huge shout-out to those dickless assholes who are removing my war file, fuck you motherfuckers...you aint gonna get anywhere while doing so!!
    get your war file shove up deep into your asses!!!

  • Rooted !

    User and Root took me 1 hour. Foothoold days.. ! One big advice is .. install what you think to install for replicate the enviroment. Just apt.

    DM if you are stuck !

  • Type your comment> @NFire0111111 said:

    Rooted !

    User and Root took me 1 hour. Foothoold days.. ! One big advice is .. install what you think to install for replicate the enviroment. Just apt.

    DM if you are stuck !

    Finally rooted.
    Same advice for annoying initial foothold, just install it using apt on your local.
    Thanks @AidynSkullz for the nudge.

  • Wow, finally rooted!

    The initial foothold drove me up a wall lol

    Can't really say anything that hasn't been said here.
    PM for nudges

  • Type your comment> @nothades said:

    Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I'm struggling to transfer the 161*****.z*p file to my local machine. Can't use SimpleH***Se**er, so I'm really not sure how I'm supposed to take a crack at it.

    If anyone could give me a nudge or a PM I'd really appreciate it

    scp is a great thing to learn to use! :)

    skunk

    Happy to offer nudges to anyone on boxes I've done, provided you show that you've reasonably tried to understand what the goal is! If I do help, please consider giving respect!

  • Just got root. This was harder than some medium rated machines (or maybe its just me).
    feel free to PM for nudges

  • rooted, took me about a week between user and root so hang in there! Happy to give nudges...

  • edited July 1

    After bashing my head on a wall with the Travel box, this was a really nice one to work on. Foothold to Root after a working on it for few hours. Fun box!

    corpnobbs
    OSCP | OSWP | so much more to learn ...

  • OK... I literally wasted all day on the foothold for this box, even after I read the first few pages of this thread for hints... all the tips about "do more enumerating" did not help one bit. Even the pointers about the file location being written on the site somewhere didn't help....

    In the end, it was my browser that screwed me.... so my nudge is... blank pages aren't necessarily empty.

    head-desk

  • Could anyone tell me how can I read the xml file to get credentials

  • @unmesh836 said:

    Could anyone tell me how can I read the xml file to get credentials

    Use a web browser and look at what it has sent you.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • rooted! If anyone need help just DM
    También en español ;-)

  • Type your comment> @TazWake said:

    @unmesh836 said:

    Could anyone tell me how can I read the xml file to get credentials

    Use a web browser and look at what it has sent you.

    Maybe look what it's sent in Burp? I think some people have issues with looking in browser?

  • edited July 1

    Foothold: If you found initial vuln, take a look at something on the other port and enumerate. In kali you can find out the content of packet to fuzz with apt-file. If you found creds, google what founded roles give you, curl \ httpie \ ******-manager can help you to exploit in this situation.

    User: take a look at some interesting file, you can bruteforce them. If it didn't help you, think about how people are lazy.

    Root: it is not necessary to use automatic scripts. Just enumerate manually. There is only one sploit for this missconfiguration in searchsploit :smile: Don't overthing, try to find out more what your user can do on machine.

  • I found the T*****-*****.x** with creds and could log into /H***-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)

  • edited July 1

    Type your comment> @JitB said:

    I found the T*****-*****.x** with creds and could log into /H***-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)

    This file contain roles besides login and password. Google what rights that roles give you

  • edited July 1

    Type your comment> @blacViking said:

    Type your comment> @chiefgreek said:

    stuck on root...am following the instructions and trying to install the image but says no such file when its sitting there.

    Update - got this after copying and pasting the script - there are issues with the searchsploit version

    I have the same issue, can you pm me how did you resolve it

    I think you should delete some symbols, it probably has been written on windows. Use dos2unix next time before transfering and executing.

  • Type your comment> @BugsBunny said:

    Type your comment> @TazWake said:

    @unmesh836 said:

    Could anyone tell me how can I read the xml file to get credentials

    Use a web browser and look at what it has sent you.

    Maybe look what it's sent in Burp? I think some people have issues with looking in browser?

    Look at page source code

  • @BugsBunny said:

    Type your comment> @TazWake said:

    @unmesh836 said:

    Could anyone tell me how can I read the xml file to get credentials

    Use a web browser and look at what it has sent you.

    Maybe look what it's sent in Burp? I think some people have issues with looking in browser?

    It is certainly more "In your face" if you use burp, but it's only a single click away in a browser and if people aren't checking things like that, they really should.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • edited July 2

    @NordeN said:

    Type your comment> @BugsBunny said:

    Type your comment> @TazWake said:

    @unmesh836 said:

    Could anyone tell me how can I read the xml file to get credentials

    Use a web browser and look at what it has sent you.

    Maybe look what it's sent in Burp? I think some people have issues with looking in browser?

    Look at page source code


    @TazWake said:

    @BugsBunny said:

    Type your comment> @TazWake said:

    @unmesh836 said:

    Could anyone tell me how can I read the xml file to get credentials

    Use a web browser and look at what it has sent you.

    Maybe look what it's sent in Burp? I think some people have issues with looking in browser?

    It is certainly more "In your face" if you use burp, but it's only a single click away in a browser and if people aren't checking things like that, they really should.

    Ahhh, thanks guys, didn't realise I could see in page source as well,

    the more you know....

    :)

  • Got foothold. Not sure how to move laterally, though...

    image

Sign In to comment.