Official Luanne Discussion

Nice box ! NetBsd was something new to me so, I had to learn a bunch of new stuff. Which is exactly what I’m looking for. PM if you need a nudge !

I can’t seem to get anywhere on this box. Ran nmap and found a few ports. I also ran gobuster. Not seeing anything other then the log in prompt. Can I get a hint or a nudge?

Type your comment> @MaximumBob said:

I can’t seem to get anywhere on this box. Ran nmap and found a few ports. I also ran gobuster. Not seeing anything other then the log in prompt. Can I get a hint or a nudge?

Look at nmap output again.

Hi all. I’ve been running dirbuster, and it’s picking up a bunch (20+ so far) subdirectories from other directories. Am I going down a rabbit hole here letting it continue? Some of the items look interesting.

Type your comment> @DaShan3 said:

Hi all. I’ve been running dirbuster, and it’s picking up a bunch (20+ so far) subdirectories from other directories. Am I going down a rabbit hole here letting it continue? Some of the items look interesting.

Are you sure that dirbuster found something? Check the response codes.

Type your comment> @digusil said:

Type your comment> @DaShan3 said:

Hi all. I’ve been running dirbuster, and it’s picking up a bunch (20+ so far) subdirectories from other directories. Am I going down a rabbit hole here letting it continue? Some of the items look interesting.

Are you sure that dirbuster found something? Check the response codes.

Sent you a msg so i don’t spoil anything.

Ok so I have come across a page that tells me to use a command to provide some information. But I’m having trouble trying to get the command to work. A nudge by you more experienced folks would be appreciated!

Type your comment> @DaShan3 said:

Ok so I have come across a page that tells me to use a command to provide some information. But I’m having trouble trying to get the command to work. A nudge by you more experienced folks would be appreciated!

Disregard answered my own question

Spoiler Removed

Hi Gang - Ive found a lot of things, but nothing that I can think to do get a shell with - Would appreciate some nudges on the foothold if possible - Many Thanks.

User was way harder than root, it seems I was still struggling with URL encoding and crafting input payloads to inject parameters. I hate having to load up BURP every time I want to encode a string…
Not a difficult box, but some opportunities to get rabbit-holed !

Neat machine.

Stuck with forecasting the weather((( Plz give some hints…

wow, this and laboratory are kicking my ■■■■!!! any help would be kindly received !

Finally rooted,stuck for a long time,some tips:
1.Get a good Dicts,if you don’t use kali linux.
2.Enumerate…and look up information.
3.Watch out any information you can get.
4.”Guess”….,something you got before maybe is useful.

Spoiler Removed

managed to get root. very interesting box - I learned a lot. foothold was the hardest, mainly figuring out which characters to use to escape the parameter. after that the path was fairly straightforward, although I overcomplicated things with root. thanks @aio for getting me out of the hole.

thanks @polarbearer for a great box.

Spoiler Removed

@ghostng said:
Type your comment> @balkan said:

any hint? im stucked in /w******/f*******?c***=l***

if you are an english speaker this is a huge spoiler…how the heck did you guess that???

never mind, dangit!

Finally rooted :smiley: thanks for the box @polarbearer
If anyone need a hint, DM :slight_smile: