Hi, if anyone could push me in the right direction it would be much appreciated!
I have found what I think is the right PoC video but when I upgrade to a M**r I don’t see another user I can log in as that can access SA*************.
Hi, I have done all of my enumeration. I have reached the point of madness by looking over and over all the files, and nothing sticks out. I have RCE on the box as www and I have access to the M***L, but I have no clue what to do with the info that I have. I have tried every cryptographic method possible. Any ideas?
Edit: Never mind, hashcat just decided to never tell me that the hash was actually cracked.
So I just rooted this box last night, but I took some nudges to find the right CVE… Can anyone PM me what the intended method for grabbing the m***** version was?
Also, finding the ‘place to learn’ took some hints and a lucky guess. Turns out I actually did try the correct enumeration technique, but it failed due to limitations of the hosts file. Any tips on how to get that particular enumeration technique to work in an environment without proper DNS would be greatly appreciated!
HINTS:
foothold: find the right place, explore the functionality and read carefully - there’s a great hint for the first step already - treat it like a real-world scenario not just a CTF! After that, find the right vuln and follow the steps carefully!
rev shell: if you’re struggling with getting a full shell, think about what OS the target is running - why might your standard one liners not work?
user: manual enumeration is enough here! don’t grep blindly, think about the target system, what you’re looking for and where it might be. Google is your friend!
root: super simple enumeration will show you the way, after that you’ll be able to GTFO no problem
I must be missing something here, I know I need to steal a session. I’ve found a technique to do it. Tested it out by sending a message to myself and it worked. Tested it out on the teach**, but it seems like he doesn’t like to open messages received by strangers. Am I going into a rabbit hole?
+1. I also face the same issue. Please can someone guide? I set the profile the teacher had asked to set as well.
I fell into the same hole. Read the announcement more carefully.
I'm still lost on where to go to find the “learning place”. I tried learning.schooled.htb, teacher…, learn, student, teaching, and so many others. Can someone give me the right direction?
Edit: just found it, but now where to search to find the m****net?
Read the announcement again. If it's something you have to set, it has to be somewhere you can access. If everyone has to do it, it should be in a fairly obvious place. Maybe where other information is about the account?
Yeah, I found an interesting field on my profile account, I think this is the right place to put the “thing”. Should I create an account on m****n** website?
You shouldn’t have to create any other accounts… Maybe just try your thing?
Foothold: Enumeration is crucial. Don’t overlook different kinds of enumeration, eventually you’ll land in the right place. Read carefully all messages so you can “steal” the opportunity to do something evil. With the help of Google you’ll understand what to do to go further.
User: Enumeration (not necessarily with classical tools), dig well from the starting point and go grab what you need.
Root: Enumeration on permissions, it was not so hard but I liked it.