hey - i have 2 addresses that I could visit (both ending in .htb) but i can’t get them to resolve in my browser. I have added them to hosts as well yet they still don’t work.
I’m not sure how to change any other configs for this to work (kali).
@briyani I tried editing the host, resolv.conf file but getting the same apache page. I also tried all DNS recon tools like nslookup, dnsenum, dig etc. but I’m missing something stupid, Don’t know what.
i have access to admin panel and i am blocked here. Not able to go any further. There are hardly few things i can change but cant figure out exactly. Any clue here ?
@TheSecEng said:
Can I message someone for a hint? I am in the web interface. I can execute code on the box. But having issues with the next step
Same situation here…I have code execution on the box and could grab the user.txt but I can’t go further. I’m trying to get a shell but multiple netcat attempts for a reverse shell failed. I’ve tried other things like adding a ssh key into authorized_keys but that didn’t work either. I’m just not getting it.
@TheSecEng said:
Can I message someone for a hint? I am in the web interface. I can execute code on the box. But having issues with the next step
Same situation here…I have code execution on the box and could grab the user.txt but I can’t go further. I’m trying to get a shell but multiple netcat attempts for a reverse shell failed. I’ve tried other things like adding a ssh key into authorized_keys but that didn’t work either. I’m just not getting it.
There are several other methods of obtaining reverse shell than nc. in fact, i’ve found that the version of nc on most HTB machines don’t support the -e flag.
does anyone mind if i PM, i need to be set in the right direction on the admin panel, i can see the 2nd page is of interest but ive tried many things and i couldnt get any progress, some mentioned that they got code execution in there.
does anyone mind to explain for me whats going on on that page ? like is something getting executed after pressing a button, or is that thing being saved somewhere on the system ?
@Blackh0le said:
hey - i have 2 addresses that I could visit (both ending in .htb) but i can’t get them to resolve in my browser. I have added them to hosts as well yet they still don’t work.
I’m not sure how to change any other configs for this to work (kali).
cheers
EDIT: Managed to get them to show!
Remember - not all web requests are made on port 80
When you say “it doesn’t work” - you need to be clearer about what that means. The error messages you get explain the problem and its unlikely any server gives a “it doesn’t work” error.