No… I got bullied by my team that im trying to recruit for. I just suck at hacking lol. (They were just teasing and said that i’d ask a question on the forums so I did)
Rooted, after a long time. Root is a complicated but very interesting part, I learned a lot. Do not hesitate to inquire about the permission of the services.
Finally rooted after a lot of fumbling around! Cool box, with some real-life situations.
Somebody mentioned that already, but if you think you have it right and nothing is happening or things are disappearing, keep trying - the box is cleaning itself up quite aggressively. So be quick - or ideally script the steps to avoid retyping everything multiple times!
I’m not very familiar with this service, not sure where to query. Found the h***th page that confirmed the service on the backend but not sure how to proceed.
Edit: Nvm, it appears I DIDNT REALIZE THE IMPORTANCE OF A SLASH. God that is so annoying, since when did slashes at the end of a URL matter?
I’m not very familiar with this service, not sure where to query. Found the h***th page that confirmed the service on the backend but not sure how to proceed.
Make sure to enumerate what you have access to as much as possible. After you find what you’re looking for, read the documentation on the service that’s running in order to enumerate further and get the info you need for foothold.
I definitely agree, if not familiar with the service, there’s a steep learning curve. Going to put it down and go for root later in the week. Have some ideas, but not fully sure where to take 'em.
Got creds, got s* access: I am able to Alert the web page - I can upload whatever I want and got this weird javascript shell running - But other than that, i’m pretty stuck. s* can communicate with the domain.
Once you’re able to run things on the web page - what’s next ? Printing an alert is cool and all but i’d want a user shell instead