Hint for TartarSauce!

2456710

Comments

  • @macw141 said:
    login screen ... hmm how to PASS it??? Running out of ideas. Really annoying.

    Keep it simple ;)

    drtychai

  • @drtychai said:

    @macw141 said:
    login screen ... hmm how to PASS it??? Running out of ideas. Really annoying.

    Keep it simple ;)

    keep it extra simple

    Waffles
    | OSCP | OSWP | PenTest+ |

  • @Waffles said:

    @drtychai said:

    @macw141 said:
    login screen ... hmm how to PASS it??? Running out of ideas. Really annoying.

    Keep it simple ;)

    keep it extra simple

    User ID is indeed not complicated, but to be honest forum is a bit misleading here (and maybe not even a bit, but quite a lot).
    Now the same story with password. Every attempt takes 10 sec. This is really annoying.

    m4rc1n

  • tried all obvious pwds and the app intentionally sleeps for 10sec when pwd is wrong.
    empty pwd 100ms
    wrong pwd 10100ms

    m4rc1n

  • Hint if you are on the login screen , username and passwd are both visible to you.

    i got it in the first attemopt, silliest passwd ever seen by me on htb,
    also the file upload is a not working, nor can we create a user....
    as said by sir @3mrgnc3 we have to enumerate more ..!!!

  • @p5yph3r said:

    Hint if you are on the login screen , username and passwd are both visible to you.

    i got it in the first attemopt, silliest passwd ever seen by me on htb,
    also the file upload is a not working, nor can we create a user....
    as said by sir @3mrgnc3 we have to enumerate more ..!!!

    Sorry for being sarcastic, but what about user ID? Did you also "guess" it?
    You are the luckiest person I know.

    m4rc1n

  • @p5yph3r said:

    Hint if you are on the login screen , username and passwd are both visible to you.

    i got it in the first attemopt, silliest passwd ever seen by me on htb,

    No they are not. At least not user ID.

    m4rc1n

  • Yeah , on HTB , i usually try the silliest passwds first, sometimes I get lucky,Like this one..!!!
    if you still havent got the username, PM me

  • edited June 2018

    Spoiler Removed - Arrexel

  • edited June 2018

    @bugzy said:
    Spoiler Removed - Arrexel

    I don't think this is going to work... someone already said that you can't upload files neither plugins.

  • edited May 2018

    Spoiler Removed - Arrexel

  • @NinjaRockstar said:

    @xdavkk said:

    @bugzy said:
    :D when Montra CMS RCE PoC uploaded 23 hr ago
    https://www.exploit-db.com/exploits/44621/

    I don't think this is going to work... someone already said that you can't upload files neither plugins.

    I agree. It won't work. It's mostly the same as this one: https://www.exploit-db.com/exploits/43348/

    There is other stuff to look at though.

    yup

  • @xdavkk said:

    @NinjaRockstar said:

    @xdavkk said:

    @bugzy said:
    :D when Montra CMS RCE PoC uploaded 23 hr ago
    https://www.exploit-db.com/exploits/44621/

    I don't think this is going to work... someone already said that you can't upload files neither plugins.

    I agree. It won't work. It's mostly the same as this one: https://www.exploit-db.com/exploits/43348/

    There is other stuff to look at though.

    yup

    looking ...

  • if you dont have results, change your way

    peek

  • edited May 2018

    Spoiler Removed - Arrexel

  • edited May 2018

    Spoiler Removed - Arrexel

  • hint for anyone that stuck on upload
    you should look for something else than that ;)

    Arrexel

  • Any hint on the username?

  • even the upload for the plugins doenst work..also i have editted the 404page...but nothing is using the 404page..even i try id=blogX or id-filemanagerX still 404page doesnt come up..it just says "Aw snap...etc"....am i still missing sonething?..thanks in advance..

  • hi firefart...just think of being a lazy person who is installing monstra...

  • or it can be found on the files that are viewable...

  • I tried all possible options on the website, and nothing seems to work..

    Is it something else? Should do a comprehensive nmap for all ports?

    You can PM if it contains spoilers..
  • @bugzy said:
    :D when Montra CMS RCE PoC uploaded 23 hr ago
    https://www.exploit-db.com/exploits/44621/

    Yeah i've wrote this exploit, after downloading the Montra fuzzing it, but the code on this machine doesn't work because they block every interaction with the DB

  • @jameel said:

    @bugzy said:
    :D when Montra CMS RCE PoC uploaded 23 hr ago
    https://www.exploit-db.com/exploits/44621/

    Yeah i've wrote this exploit, after downloading the Montra fuzzing it, but the code on this machine doesn't work because they block every interaction with the DB

    l33t, just enumerate little more

  • For those who both restart they do not have to restart the box if they have not left anything open

  • I like good machines and I always try to get as far as I can on my own. Found the easy login and the only page you are able to change, but no way to call that page to test. I guess I have to enumerate more....

    image

  • @mrdogma said:
    hi firefart...just think of being a lazy person who is installing monstra...

    I don't need the user for monstra, I need it for the other application :)

  • edited May 2018

    @ZaYoOoD said:
    I tried all possible options on the website, and nothing seems to work..

    Is it something else? Should do a comprehensive nmap for all ports?

    You can PM if it contains spoilers..

    Spoiler Removed - Arrexel

  • @firefart said:

    @mrdogma said:
    hi firefart...just think of being a lazy person who is installing monstra...

    I don't need the user for monstra, I need it for the other application :)

    you may not need it there either.

  • edited May 2018

    rooted the box, i recommend everyone not to use Dirbuster, usually this kind of machine takes me around 30 minutes to root it, however it took e more than 2 days along with asking others, i even wrote a zero day exploit and publish it yesterday for the rabbit hole, i'm really serious i wrote a zero day and tested it on local and worked but not worked on the machine then i've realized i should never ever use Dirbuster anymore,

    Here's my zero day exploit, but it won't work on the machine :
    https://www.exploit-db.com/exploits/44621/

    the best hint i could give for who still stack on this machine, is keep it simple and never use Dirbuster.

    Regards

Sign In to comment.