Last Active


  • One of the nicest machines I have seen yet even though I'm a newbie. Kudos to @dm0n and @Stylish for their work. I learnt a LOOOOT about things and that too in depth; especially since they didn't mean a thing
    in Falafel Comment by Omnisec April 2018
  • m->y. What could I possible be missing? Am I working in the wrong direction with the logs? Anyone care to discuss?
    in Falafel Comment by Omnisec April 2018
  • Running a privesc enum script would most probably shed an highlight on what you are looking for.
  • @davidlightman Even basic RCE is enough to complete this. However, it is also possible to do what you are trying to do. Feel free to PM. However, I think there is enough information here to solve. P.S. Works without globbing as well.
  • @FlapJack Combined all of this discussion is just a one big spoiler. Ummm I don't know if one could put anything else over here. Perhaps DM me if you are still stuck.
    in Sense Comment by Omnisec March 2018
  • If someone could PM with a nudge on how to utilize the found parameter? There is no apparent change in the output with the input I give except for those that are rejected by the WAF. Any help would be appreciated.
  • @MrMars said: Tried: Steghide on image, ran exploit many times msf, ran python exploit about 1000 times (not kidding), md5 (couldn't crack with rockyou & best64/T0XIC, got string for hype, got rsa pr key, nmap/nikto/dirb/uniscan, tried ssh us…
  • Issue with extracting mona.jpg. Says invalid compressed data to inflate .
  • @fatalglitch said: Finally got the shell to be stable, tried several privesc suggested, no luck. Any hints? Hmmm... ever wondered if you already had the priv?
  • @RPSUK said: ok so im obviously not using dirbuster dirb of wfuzz correctly because no matter what list i use or extension i use to search for im not finding anything of use.. can someone PM me with a nudge so not to spoil for anyone else ... …
    in Sense Comment by Omnisec February 2018
  • I'm having an issue with formation of the payload. How to keep the payload under 730 bytes while avoiding the mentioned characters?
  • I'd like to intern with someone but I'm pretty active tho.
  • @r00tbeer said: I would suggest looking up 'SPOILER'. My problem is finding the relevant login. Oracle is not much of a problem for me. Need a push at that.
  • I'm not having a difficulty while "busting" the cookie. However, i do need a little bit of push regarding how to reach the administrator account?

Howdy, Stranger!

Click here to create an account.