Rock the show.
Anything
Yea but I can’t access it…
Anyone got past the login portal yet?
Hmmm
RCE. I hav got but no creds
30+ minutes of scanning and no single port open.
Spoiler Removed
Why we can’t access that thing on that port?
GG to 2 First blood
Some hint to get a foothold ?
I can’t figure out these creds… Is it gonna require X** injection?
A hint would be appreciated
Type your comment> @LMAY75 said:
I can’t figure out these creds… Is it gonna require X** injection?
A hint would be appreciated
I don’t think X** will do…
It requires a client right ?
Type your comment> @Karthik0x00 said:
Why we can’t access that thing on that port?
I’m wondering why too !
I found the default creds but as mentioned on various sources, they won’t work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.
Then what is left is to find some other user and their password, or try to get something back from that communication channel.
Any hints or nudges appreciated.
Type your comment> @tang0 said:
I found the default creds but as mentioned on various sources, they won’t work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.
Then what is left is to find some other user and their password, or try to get something back from that communication channel.
Any hints or nudges appreciated.
where u found ?
Type your comment> @tang0 said:
And the response implies that the default password has not been changed.
No it doesn’t
Type your comment> @exord26 said:
I found the default creds but as mentioned on various sources, they won’t work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.
Then what is left is to find some other user and their password, or try to get something back from that communication channel.
Any hints or nudges appreciated.
where u found ?