Hey Guys and Gals, I am having issues. Still trying to get a foothold. I found that the service is vulnerable to RCE, So after some googling I found a video by LiveOverflow and 2 python scripts. I understand I have to modify them a bit but I am still getting some errors about “AttributeError: ‘bytes’ object has no attribute ‘format’” and when I try to use python 2.7 I get and an error about " IOError: [Errno 2] No such file or directory: ‘/usr/local/lib/python2.7/dist-packages/random_words/nouns.dat’"
Any advice would be greatly appreciated. Thank you.
Hey Guys and Gals, I am having issues. Still trying to get a foothold. I found that the service is vulnerable to RCE, So after some googling I found a video by LiveOverflow and 2 python scripts. I understand I have to modify them a bit but I am still getting some errors about “AttributeError: ‘bytes’ object has no attribute ‘format’” and when I try to use python 2.7 I get and an error about " IOError: [Errno 2] No such file or directory: ‘/usr/local/lib/python2.7/dist-packages/random_words/nouns.dat’"
Any advice would be greatly appreciated. Thank you.
Hey Guys and Gals, I am having issues. Still trying to get a foothold. I found that the service is vulnerable to RCE, So after some googling I found a video by LiveOverflow and 2 python scripts. I understand I have to modify them a bit but I am still getting some errors about “AttributeError: ‘bytes’ object has no attribute ‘format’” and when I try to use python 2.7 I get and an error about " IOError: [Errno 2] No such file or directory: ‘/usr/local/lib/python2.7/dist-packages/random_words/nouns.dat’"
Any advice would be greatly appreciated. Thank you.
Hey Guys and Gals, I am having issues. Still trying to get a foothold. I found that the service is vulnerable to RCE, So after some googling I found a video by LiveOverflow and 2 python scripts. I understand I have to modify them a bit but I am still getting some errors about “AttributeError: ‘bytes’ object has no attribute ‘format’” and when I try to use python 2.7 I get and an error about " IOError: [Errno 2] No such file or directory: ‘/usr/local/lib/python2.7/dist-packages/random_words/nouns.dat’"
Any advice would be greatly appreciated. Thank you.
are you SURE it’s not written in python 3?
When I try 3 I get this: Spoiler Removed
Hey Raskul82,
So, there are a few modifications for using that script in python3. To eliminate: AttributeError: ‘bytes’ object has no attribute ‘format’
You need only delete the ‘b’ after payload=
b in python3 denotes a bytes object, which doesn’t work with format in python3. There are a few other edits I needed to make in order to make it work with python3, so feel free to DM.
Hello guys wish you a happy new year. I’m stuck in getting a foothold. When I run the exploit I get this error. Help would be really appreciated.
File “.py", line 64, in
init(username,cookie,authenticity_token,localport,localip)
File ".py”, line 55, in init
namespace_id=nsid[0][‘value’];
IndexError: list index out of range
Hello guys wish you a happy new year. I’m stuck in getting a foothold. When I run the exploit I get this error. Help would be really appreciated.
File “.py", line 64, in
init(username,cookie,authenticity_token,localport,localip)
File ".py”, line 55, in init
namespace_id=nsid[0][‘value’];
IndexError: list index out of range
You might find this bit easier to do with a manual attack or a different exploit.
So I was able to get Users and now I am on the system as g**. I ran LinPEAS and LinEnum but to be honest. I’m not 100% sure where I should I be looking. Any advice?
Hi guys need to help with this error. Thank you
File “*****.py”, line 155, in
namespace_id = soup.find(‘input’, {‘name’: ‘project[namespace_id]’}).get(‘value’)
AttributeError: ‘NoneType’ object has no attribute ‘get’
Hey Guys I am root and I am trying to break out, I have found some POC’s but not having much luck just getting lots of PID’s, Can anyone offer a nudge?
Hello this is probs a stupid question but i rooted the box but i cant find the flag in the /root folder did it move?? cause i restarted the machine and its still gone.