for those who ask about how to find the username?
Guys.... basic LFI lesson: What is the file that first check when u find an LFI vuln???
...well more hint? OK.... take it: http://lmgtfy.com/?q=Testing%20for%20LFI%20inclusion
B coolz my friend & don't blame your self... Just try to take advantage of the 1st vulnerability u find by examining specific files contents that can give both info...
Hint: u need to explore more than one file to get all cred/s.
@NixAvem @bergabman OK Guys.... I just got r00t!
I was sooooo close all this time.
I had made the whole connections correctly and i left out only the last easy parameter from the .... second (the easy one) connection!!!
wtf!! thx guys, anyway ;)…
I 've done port frwrding, i open vnc, but my existing credentials not working . What i suppose to do is to pass the secret file, to make the correct connection.
Maybe my hypothesis is completely wrong btw.... since I read some posts about a…
I believe I am the same position. My very rough goal is: to access from my local box, the XXX service that runs under 'root'. I suppose this must be done somehow by pivoting the user C****x (that i actually have access). The above link t…
I am working on the same page...
Actually I can c, two services that look promising: One is the 3-letter you mention, the other one is s******il service.
Currently I m focus on tha 1st one....
1. I have made port forwarding to test it (ahm..…
My quick Guide is the following:
1. get user access <<===========================
step 1: try web access
step 2: look behind the... DOM ;)
step 3: Get the hint u find from step 2.
step 4: Goto to this... hint ;)
step 5: check known vulns on th…