Last Active


  • Type your comment> @Ric0 said: > Hi, I have been struggling with O***** M***** R***** S**** to upload correctly obfuscated php shell in jpg. Trying to fix a script found on exploit-db. Appreciate any nudges. Or ... this is rabbit hole ;) …
  • Type your comment> @Szkiel said: > @BigNuggets: it is the same for me, and I noticed other people asking about this issue on discord. Let me know if you get any answer on it please
  • Type your comment> @Szkiel said: > Hi guys, just wanted to ask for help with pivoting from the entry machine. I tried to use autoroute/socks_proxy/proxychains combinations and it seems to be fine but still, it is not getting me anywhere. >…
  • Just got root on the first box root flag was accepted but user flag saying invalid? This happen to anyone else or am I missing something?
  • Stuck on initial foothold. Got usernames and have enum’d everything I can think of. Can I get a nudge please?
  • Fun box, thanks to the creator. Foothold: after you find the spot where you login, think very old school prevalent OWASP top 10. User: I got stuck here thank you @TazWake for the nudge. Root: Enumerate when you find your target, don’t o…
    in Magic Comment by BigNuggets June 2020
  • Wow! This box was hard for me am not great on Windows but learned a lot through this! user 1: You need to take your outside enumeration tools to the next generation! user 2: When enumeration making sure you're listing ALL files root: Pay attention …
    in Resolute Comment by BigNuggets May 2020
  • What a box well done @MrR3boot. I was struggling with admin initial and then user thank you @TazWake for the help! Tip for all boxes: read ALL the forum posts and take notes, even if at the time they strike you as nonsense. They will come in hand…
    in Book Comment by BigNuggets May 2020
  • Just popped root what a fun box! Got to learn a lot of cool new tools as well! Now I've popped all of the "easy" boxes and finally got out of "Script Kiddie" rank :smile: User 1: look over the company site - this is pretty close…
    in Sauna Comment by BigNuggets May 2020
  • Capped user.txt. I believe I see the path to root, but will have to wait till tomorrow. Too many resets gotta be quicker I guess lol. UPDATE : just submitted root flag :) that was fun!!! User: utilize scripts when enumerating, they can show low ha…
    in ServMon Comment by BigNuggets May 2020
  • This was the hardest box I’ve done yet. Learned a new tool and technique from it though. Big kudos to the creators on this site you help everyone improve their skills. User: this was the hardest part for me, I’ve not seen/done anything with V* s…
    in Nest Comment by BigNuggets May 2020
  • > @roman1 said: > Hey guys, stuck after f** login. Could anyone please pm me some nudges? Thank you Extract and compare to live
    in Admirer Comment by BigNuggets May 2020
  • Just popped root :). Wow! What a fun box!! Outstanding work to the creators!! User: I use ffuf for dir fuzzing, for this box you definitely want to look over all the options of '-h' and look for other ones that might be useful when brute forcing. …
    in Admirer Comment by BigNuggets May 2020
  • Just popped root :) super fun box! User: To find what ye seek, you must go back to the source of what you're searching. Root: Definitely was overthinking this one at first, by far the most helpful tool was pspy. Also, you don't need to be super …
    in Traceback Comment by BigNuggets May 2020
  • User: Always scan all ports, the more information the better. Root: I did the T******** exploit I found to get creds, but I wasn't able to find where I could use that. Instead used a standard Windows priv. esc. tool. After that ran into the shell i…
    in Remote Comment by BigNuggets May 2020

Howdy, Stranger!

Click here to create an account.