Official Intense Discussion


Can someone give me a nudge on the foothold of this machine? So far, I have found that port 161 is closed but maybe we can access it, and also the admin directory is forbidden, so I have no idea how to access that. It would be great if someone can assist me.

Also, I am working on the message submit part and the port 161 part.

Is the message a rabbit hole? I can make valid requests but can't extract data since I haven't found a way to delay time. Also tried to bypass the filter by fuzzing the bad words with every Unicode char.

@testmeister Not sure, that is where I’m stuck now, the problem is that any valid query just returns a 200 OK.

Hi, I would like a nudge. I found the S*** on S***** M******.
All my attempts that are syntactically correct render OK.
I tried the usual, any help would be appreciated!
I tried to do a S**I as well on that same page, no result {{ crying :) }}

Does anyone know what we can do with this?

/submit?setoption=q&option=allowed_ips&value=255.255.255.255

nikto scan produced this for me

An early form of the chunked transfer encoding was proposed in 1994.[1] Chunked transfer encoding is not supported in HTTP/2, which provides its own mechanisms for data streaming. Has anyone messed with this format?

Working on root. Dissatisfied by my current lack of a shell. Anyone willing to do a sanity check for my current thought process? Thanks.

@sparkla said:

@JMFL said:

Does anyone know what we can do with this?

/submit?setoption=q&option=allowed_ips&value=255.255.255.255

Where does this actually come from? One of the first things someone sent me without any explanation.

+1, you can't use something when you don't know how it works or where it comes from.

OSVDB-3126: /submit?setoption=q&option=allowed_ips&value=255.255.255.255: MLdonkey 2.x allows administrative interface access to be access from any IP. This is typically only found on port 4080.

false positive

oooofffff I got something

So, I can read the user flag but can’t get a proper shell. I appreciate any hints on that.

Can anyone PM me a hint? I'm stuck at the R*E part.

@justAhmed said:

So, I can read the user flag but can’t get a proper shell. I appreciate any hints on that.

Same here

Hi,

I think I’ve found the vuln in the source code for the foothold but can’t exploit it successfully. Can someone give me a nudge, please?

Anyone else had a problem with the self-generated c*** and solved it? I tried it locally; the c*** is valid but the data is not correct. It should be adminaccount:adminhash but instead it is otheruser:adminhash.

edit: Never mind, the solution was kind of easy.

@sparkla said:

@JMFL said:

Does anyone know what we can do with this?

/submit?setoption=q&option=allowed_ips&value=255.255.255.255

Where does this actually come from? One of the first things someone sent me without any explanation.

Either it is being shared as part of some other discussion on how to get a shell or people are googling for exploits on a particular platform or a medium article and hoping that it is relevant.

(I have no idea if it is relevant or not)