ok so I rooted it but would like to discuss the exploit for root if someone could pm and explain why this works in the manner it does. I would greatly appreciate it.
Not sure I can explain it but I can point you to the blog posts and articles which were published around the time it was made public. That might help you.
■■■■ yeah that would help. I came across a detailed on but wouldn’t you know it. Its in Chinese.
Got lucky with my choice of tools for the initial foothold and enumerated out user. Root is pretty simple, but I had a lot of trouble with my shell timing out throughout. Those of you who got stable shells that didn’t result in you pulling your hair out over timeouts, please PM me with details.
Foothold took a while as I was trying to belch it. After I utilized a certain framework I was in and user and root both came very easily.
If someone who got the foothold the initial way I was trying would message me with tips, I would be very appreciative. I try to avoid using e**sp*** as much as possible but had to resort to it here.
So after doing enumeration and creating a wordlist, I ran it through a certain tool. However, the tool does not provide the correct information even though its in there. Has anyone else had this problem?
This is only my second box and I’m learning loads but I have gone down so many rabbit holes with Root now i’m starting to feel like Alice. Can someone give me a quick pointer in the right direction please? I’ve gone through ftp folder, extracted config, tried listening to the wav, tried decrypting v10 users.php with the salt, found some screenshots.
So after doing enumeration and creating a wordlist, I ran it through a certain tool. However, the tool does not provide the correct information even though its in there. Has anyone else had this problem?
I dont think so. If the correct information is in there, what isn’t working? You can just use it manually rather than run the tool.
This is only my second box and I’m learning loads but I have gone down so many rabbit holes with Root now i’m starting to feel like Alice. Can someone give me a quick pointer in the right direction please? I’ve gone through ftp folder, extracted config, tried listening to the wav, tried decrypting v10 users.php with the salt, found some screenshots.
Dont over think the enumeration. Check what your account can do.
This is only my second box and I’m learning loads but I have gone down so many rabbit holes with Root now i’m starting to feel like Alice. Can someone give me a quick pointer in the right direction please? I’ve gone through ftp folder, extracted config, tried listening to the wav, tried decrypting v10 users.php with the salt, found some screenshots.
Dont over think the enumeration. Check what your account can do.
Im learning a lot! Moving along but when im in shell I keep timing out. “Terminate channel 0? [y/N]” . I dont know how to handle this. commands dont work.
As some already mentioned, for me the most recent ParrotSec VM with msf6 didn’t work. Shell was hanging all the time. The problem was the same with the Py***n exploit, not only with msf6… Couldn’t escape the from dumb shell.
Then I tried the newest Kali VM which has msf5 installed and everything worked fine! But the thing is I don’t know why.
Does anyone have a clue?
I would like to use ParrotSec but if there seem to be such problems with it then I’ll have to switch to Kali.