Dante Discussion

Quick question, does the web servers are working poorly for everyone (on the servers to which you are pivoting)?

Hello everyone, can anyone please give me a hint on priv esc ws03 box thank you

I think I’m missing something out with the last flag. Anyone has a nudge?

Is anyone having trouble with ssh tunneling from the jump box? A few days ago all my stuff was working and now no worky and cant figure out why.

Type your comment> @xaqhary said:

Is anyone having trouble with ssh tunneling from the jump box? A few days ago all my stuff was working and now no worky and cant figure out why.

Try switching your VPN connection. Sometimes the lab would go down for some reason and a quick change to the VPN would work. I usually regenerate credentials to another server whenever I have connection problems, due to the fact that sometimes people may break machines without noticing

Type your comment> @Ric0 said:

Hi, I have been struggling with O***** M***** R***** S**** to upload correctly obfuscated php shell in jpg. Trying to fix a script found on exploit-db. Appreciate any nudges. Or … this is rabbit hole :wink:

I didn’t use a shell.jpg to get shell here. Am I the only one?

Phew! Struggling with initial foothold. Have first flag, have todo.txt, would love a hint.

(Edit: Got a bit of a foothold, thanks!)

Type your comment> @motoraLes said:

Type your comment> @xaqhary said:

Is anyone having trouble with ssh tunneling from the jump box? A few days ago all my stuff was working and now no worky and cant figure out why.

Try switching your VPN connection. Sometimes the lab would go down for some reason and a quick change to the VPN would work. I usually regenerate credentials to another server whenever I have connection problems, due to the fact that sometimes people may break machines without noticing

Thanks for the help brother

Can’t seem to switch users on NIX-02 from M******* to F**** using a password found on F****'s D******** folder. Is this password a dead end or is there another way of accessing this account?

need hint on priv escalation to fra** user.

Could I get a hint for NIX07 PE? Thanks!

.

Hi! Could I get a nudgo on priv esc for WS03? I’ve been stuck for several days. Thanks!!!

Anyone willing to assist me with priv esc on NIX-01? Hitting a wall after trying everything I could from enumeration.

i need a hint on ws01 priv esc. keep hitting the av. tried using the vuln thing and script to do a remote d****** session but cant get anywhere.

I am needing to reset the .110.100 box due to Wordpress theme issues, but haven’t been able to enumerate the hostname yet which is what it asks for when resetting it. What is the hostname for the initial .100 box?

UPDATE: I ended up taking a guess and figured out the .100 hostname is DANTE-WEB-NIX01

I need a hint on nix02 for priv esc from f to root

UPDATE: rooted

Hi guys can I get some help with ws03 privesc?
Thanks

Hello! Please, can anyone help me with WS03? I tried to enumerate using dirserach, dirb and gobuster and I found nothing (at least nothing I can see as useful). Gobuster is returning an error “context deadline exceeded (Client.Timeout exceeded while awaiting headers” and I can’t solve it. I am using proxychains to do the enumeration, but I don’t know if it is right or the best way.

@tiocavera said:
Hello! Please, can anyone help me with WS03? I tried to enumerate using dirserach, dirb and gobuster and I found nothing (at least nothing I can see as useful). Gobuster is returning an error “context deadline exceeded (Client.Timeout exceeded while awaiting headers” and I can’t solve it. I am using proxychains to do the enumeration, but I don’t know if it is right or the best way.

use wfuzz you can set a proxy with it, gobuster does not work will with proxychains.