Official Blunder Discussion

Type your comment> @TazWake said:

@letMel00kDeepr said:

ok so I rooted it but would like to discuss the exploit for root if someone could pm and explain why this works in the manner it does. I would greatly appreciate it.

Not sure I can explain it but I can point you to the blog posts and articles which were published around the time it was made public. That might help you.

■■■■ yeah that would help. I came across a detailed on but wouldn’t you know it. Its in Chinese.

@letMel00kDeepr said:

■■■■ yeah that would help. I came across a detailed on but wouldn’t you know it. Its in Chinese.

I’ve sent you a DM.

I seem to be having the same “shell hanging” issue on tool version 6. On Parrot it’s the default installed version. Any workarounds or…?

Rooted.

Got lucky with my choice of tools for the initial foothold and enumerated out user. Root is pretty simple, but I had a lot of trouble with my shell timing out throughout. Those of you who got stable shells that didn’t result in you pulling your hair out over timeouts, please PM me with details.

Rooted.

Foothold took a while as I was trying to belch it. After I utilized a certain framework I was in and user and root both came very easily.

If someone who got the foothold the initial way I was trying would message me with tips, I would be very appreciative. I try to avoid using e**sp*** as much as possible but had to resort to it here.

For everyone with the “shell hanging” issue :
All you have to do is spawn a bash shell to your host (GTFOBins for the syntax).
Works like a charm !

So after doing enumeration and creating a wordlist, I ran it through a certain tool. However, the tool does not provide the correct information even though its in there. Has anyone else had this problem?

This is only my second box and I’m learning loads but I have gone down so many rabbit holes with Root now i’m starting to feel like Alice. Can someone give me a quick pointer in the right direction please? I’ve gone through ftp folder, extracted config, tried listening to the wav, tried decrypting v10 users.php with the salt, found some screenshots.

Hey all, could use a nudge on username needed on foothold… I’ve been enumerating all day and can’t seem to find the file.

@aqlarx19 said:

So after doing enumeration and creating a wordlist, I ran it through a certain tool. However, the tool does not provide the correct information even though its in there. Has anyone else had this problem?

I dont think so. If the correct information is in there, what isn’t working? You can just use it manually rather than run the tool.

@rhysmorgan1986 said:

This is only my second box and I’m learning loads but I have gone down so many rabbit holes with Root now i’m starting to feel like Alice. Can someone give me a quick pointer in the right direction please? I’ve gone through ftp folder, extracted config, tried listening to the wav, tried decrypting v10 users.php with the salt, found some screenshots.

Dont over think the enumeration. Check what your account can do.

@Lycist said:

Hey all, could use a nudge on username needed on foothold… I’ve been enumerating all day and can’t seem to find the file.

Have you tried different file types?

Type your comment> @TazWake said:

@rhysmorgan1986 said:

This is only my second box and I’m learning loads but I have gone down so many rabbit holes with Root now i’m starting to feel like Alice. Can someone give me a quick pointer in the right direction please? I’ve gone through ftp folder, extracted config, tried listening to the wav, tried decrypting v10 users.php with the salt, found some screenshots.

Dont over think the enumeration. Check what your account can do.

I can’t believe it was that simple ?‍♂️

Thanks!

Rooted

Rooted!!!
ping me for any hints and tips

Im learning a lot! Moving along but when im in shell I keep timing out. “Terminate channel 0? [y/N]” . I dont know how to handle this. commands dont work.

Having issues with the msf payload:

[-] Exploit aborted due to failure: unknown: No UUID found in admin/new-content/
[*] Exploit completed, but no session was created.

@LMAY75 said:

Having issues with the msf payload:

[-] Exploit aborted due to failure: unknown: No UUID found in admin/new-content/
[*] Exploit completed, but no session was created.

Check you are using valid credentials and all the options are correct.

Type your comment> @TazWake said:

@LMAY75 said:

(Quote)
Check you are using valid credentials and all the options are correct.

All creds are correct and so are the options.

Msf doesn’t want to work and I can’t seem to figure out the manual exploit… If someone could help show me it’d be greatly appreciated!

Nvm got it!

Pwned!

As some already mentioned, for me the most recent ParrotSec VM with msf6 didn’t work. Shell was hanging all the time. The problem was the same with the Py***n exploit, not only with msf6… Couldn’t escape the from dumb shell.
Then I tried the newest Kali VM which has msf5 installed and everything worked fine! But the thing is I don’t know why.

Does anyone have a clue?
I would like to use ParrotSec but if there seem to be such problems with it then I’ll have to switch to Kali.