Baseizo7

About

Username
Baseizo7
Joined
Visits
280
Last Active
Roles
Member

Comments

  • Also seeing the exe tagged as trojan. Perhaps HTB or creator could chime in?
  • After fairly quickly (for me, for once!) identifying the exploit path to get foothold or user I was completely stuck getting it to work for nearly two weeks. I had several people on Discord compare notes with me and walk me through and we were alway…
  • Type your comment> @Baseizo7 said: (Quote) Never mind! Figured it out. h4x0r error. Apparently I have trouble noticing glaring numerical typos right in front of me for hours.
  • I am really confused. In Kali VM, using gdb/gef/pwntools after many hours finally got a successful exploit.py (from gef skel) working. But only locally. Remotely I get the 'A's string echoed back. Playing with the length of those 'A' I will get same…
  • Type your comment> @davidcp said: (Quote) As a test if you have noted the name referenced in your nmap scan output, have you tried curl -H 'Host: «name»' 10.10.10.216? (Pardon if obvious but your question read to me as if this might be the stumb…
  • Type your comment> @aimforthehead said: (Quote) I ran a Docker instance of same version G----b with much Google'ing and going through the docs since not familiar with its back-end operation. Takes time but you can re-create close enough to the s…
  • After gaining foothold: Is that non-public file, which is apparently invalid, what is used to pivot to user? Or is that a red herring? (Because if so, I am stumped on how to figure out what is wrong with it!)
  • Type your comment> @zweeden said: (Quote) Ah! Thanks.
  • Is foothold based on a known vuln w/CVE? (Don't need spoiler/number but just beginning to wonder if researching that route since yesterday is a rabbit warren...)
  • Type your comment> @OrkaThaHacker said: (Quote) "Open"ing salvo is a light trolling right off the bat, eh? :-)
  • Type your comment> @k4wld said: (Quote) Thanks @k4wid for the sanity check. Yes, the old standby python httpd seems to be working fine. With wireshark up see lots of TCP retransmissions to Buff. n-.e-- did finally go through just once, but it wa…
  • I feel stupid for asking, but I cannot get any exe tools onto the box. The exploit works to get that webshell, and often others have left tools laying all over the place. But I'm stuck trying to figure out how they did that. Using c--l does begin bu…
  • Got root. (Quote) If you see what 111 gives info it will list a service that you can use to proceed. To say any more would be a spoiler.
    in Remote Comment by Baseizo7 March 2020
  • Type your comment> @0x41 said: (Quote) (Puts thinking cap back on.)
  • Am I diving down a rabbit hole by thinking I need to brute-force a salty hash to get things going toward auth? (I'm thinking not mostly b/c if so should be easy-ish not requiring lots of time or cpu/gpu to do... but... ?)
  • Type your comment> @CyberGeek01 said: (Quote) Sure thing! Happy to pass the hint along.
    in Fatty Comment by Baseizo7 March 2020
  • Type your comment> @CyberGeek01 said: (Quote) jd-gui seems to work fine.
    in Fatty Comment by Baseizo7 February 2020
  • Me: I sure have worked hard and would like to change careers to being a pentester some day. Reality: Ha! F... you, buddy. Go eat paste.
    in Book Comment by Baseizo7 February 2020
  • I am stuck on the way to root ... I can remote in as user f----- and have plaintext password. User h----- is apparently closely related to f-----. I see that s--_------- has an interesting reporting line, so to speak, but am not seeing how to get…
    in Sauna Comment by Baseizo7 February 2020
  • Type your comment> @olsv said: (Quote) The Team page is a very common place to get names from which to create some lists of username guesses. But not much in the 'ol lorem ipsum really.
    in Sauna Comment by Baseizo7 February 2020
  • What? They can't print money? Guess that would be a RICO[h] act violation. (Inside job, er joke.)
    in Sauna Comment by Baseizo7 February 2020
  • Finally got user. (Quote) Would that file be "the other jar" perhaps?
    in Fatty Comment by Baseizo7 February 2020
  • (Still on foothold stage): Can one actually enable the debug output? I change the value to true and it re-compiles and runs, but never see output from S-----.out.p------(). Seems like it would be useful. Cannot really change anything else without er…
    in Fatty Comment by Baseizo7 February 2020
  • I am enjoying it too. I got completely sucked into it yesterday after having thought "Ugh. Java client." No idea wtf I'm doing, but I'm having fun doing it.
    in Fatty Comment by Baseizo7 February 2020
  • Well. 50pts for a reason. Update: "Wonky" would describe this client pretty well, I think. Update #2: TIL how to decompile a jar file... Is it a rabbit hole to think we need to alter this (if possible or is signing an issue?) to work aro…
    in Fatty Comment by Baseizo7 February 2020
  • Interesting. Reloaded active machines status page, now saw a "play" button, clicked that and got a red "Machine not found" error message. I'm assuming some technical issue with deploying Fatty. No worries. From Discord #announc…
    in Fatty Comment by Baseizo7 February 2020
  • ... and ... Hrm, box indicated as up, but pings return destination unreachable. Before we all go crazy with blind nmap rage would this be considered part of the Insane-ity? :-) Or it's just down for us-vip-3.
    in Fatty Comment by Baseizo7 February 2020
  • Is "the tool to bake your recipe" a common one? Something normally included on Kali for example? Or is it something we have to find? Is there any blog post or other material relevant to this kind of thing I could read up on? I'm completely…
  • I had to put this Challenge aside for a few days because I had let myself get unnecessarily frustrated, had stopped thinking clearly, and backed myself into a corner logically which meant there was no way I was going to solve it. Here are some guid…
  • Need a nudge. I know the magic word, have seen the source and checked the binary used on Scavenger. But how can you use it if you do not have a real tty shell? What cmd are passed to a "shell" in php space does not seem to work for this ki…
Avatar

Howdy, Stranger!

Click here to create an account.