For anyone else facing the same problem I had , turns out you have to try many different webshells till one works , could be limitation on the ASP version on the box itself.
Thanks to @r0t13weiler and @tabacci for helping me troubleshoot it and finally wrap this one up.
This is not the way to learn ip***. The way to properly learn it is to set it up on both sides, knowing in advance the settings!
Having to use brute force tools to guess the settings, and then having to figure out the proper way to write the command, only to have it not working for something else we still donāt know, is just stupidā¦
I would say I agree with you. Would you mind sending me PM with useful links/references teaching the process both-sides, start to finish (if you know of any)? Cheers
I just gotta say, Iām happy to have finally established the VPN connection (now that Conceal is retired & there are tutorials) BUT, Iām kinda mad (donāt me mad bro!) >:( I spent a good chunk of time reading, learning, VPN stuff before box retirement, basically my config lacked 2 things. One item, the l**t=p (I know itās retired, but a spoiler is a spoiler) & the corresponding entry rt=p, so I guess 3 things actually, because the next entry ty=t*******t isnāt exactly well documented (I know that from googling āthe entryā site:stronswan.org). I donāt know if I would have ever figured that out on my own. The first 2 there that I needed were in a README, so thatās my bad. I promise to always read the README from now on, promise. Anyways, I guess I feel better now, back to hacking.
I have been following Ippsecās video on Conceal. I am having trouble getting an asp webshell to work. When I try to execute a cmd I receive the error āAn error occurred on the server when processing the URLā. I have tried multiple asp web-shells with no luck - I am not really sure whatās going on that causes this. I have strongswan configured correctly, and I reset the box to be safe.
yo, guys i need some help with this nasty ā ā ā ā ā ā , i am at the PrivEsc part of job, and JP works with the the value i give but it wont execute my .bat or any file i give latter on! is juicypotato not working on this box anymore ? every writteup we have uses juicypotato ! just wanted to know if its something at my end !
Do these old boxes get patched or something? Whatever I try to throw at it for privesc, the Antivirus catches. Been working at it for day until I decided to look at the walkthrough, just to see that the method used is no longer applicable.
Is it me thatās doing something wrong here, or is the box actually patched?
Do these old boxes get patched or something? Whatever I try to throw at it for privesc, the Antivirus catches. Been working at it for day until I decided to look at the walkthrough, just to see that the method used is no longer applicable.
Is it me thatās doing something wrong here, or is the box actually patched?
I actually have the exact same question. Several older boxes seem to be impossible to get full user or root now, the payloads donāt go through.
Do these old boxes get patched or something? Whatever I try to throw at it for privesc, the Antivirus catches. Been working at it for day until I decided to look at the walkthrough, just to see that the method used is no longer applicable.
Is it me thatās doing something wrong here, or is the box actually patched?
This question came to my mind after the 3rd day trying privesc. I found the vuln pretty soon but then no files I need can be uploaded. Either as plain-executable or encoded ps scriptā¦
User was hard as well as none of the revshells / nc etc worked - but I found a snippet of powershell rev-shell that did not get catched and allowed further enumeration on the machine.
To confirm that my methodology was right I read some of the walkthroughs and found the exact same steps I was planning to doā¦
I spent several hours on this box. Impossible to get the rev shell from that webshell: i tried nishangs remote and local and also nc64 from the webshell directlyā¦ never got a shell so im stucked
Same here. Impossible to get a revshell. Also tried nishang and nc64, my Python server receive the GET petition, but no revshell is received in my nc. The most funny part, I saw today a youtuber resolving the machine in Twitch, and he could get revshell with no problem. So I think is a problem with my Kali or something.
I spent several hours on this box. Impossible to get the rev shell from that webshell: i tried nishangs remote and local and also nc64 from the webshell directlyā¦ never got a shell so im stucked
Any hint what im doing wrong?
For initial shell I can give you some hints, but I was not able to root that machine
Iām losing my f mind trying to setup VPN connection with ipā¦cā¦f file. Can I ask help to someone here that has finished this machine? Thanks
Edit: nvm managed to solve by myself after hours of bang head.
Edit: rooted the machine. Aside from initial frustration, itās a typical HTB machine with K exp. Frankly I did not like that much this box the initial part is a bit out-of-scope if you want to level up for certs like OSCP.