Looking for a teammate(s).
I have almost no knowledge about re/pwn, and have little will to learn it. Everything else I know at least well and study it.
I wanna progress on HTB and get the ability to do Endgame, but I always have 1 or 2 pwn-orientated mac…
Shouldn't I be able to log in somewhere as my customer account using the connected auth account? If you are willing to clarify how things work in this machine, I can PM my steps.
Could someone recommend an article or method on how to properly put malicious stuff in docx for this machine? I have no experience in this field, for now I could not understand how it works just by looking deeper in docx.
Can someone give a hint about foothold? I am playing with web serv, but responses seem strange and generic. Also, struggling file people are talking about.
How to start pwning root binary? Usually I find bof, but for this bin I did not find anything like that. I am trying to find any leak or place where I can write input, but I just don't see any weak spot.
Can someone send article explaining how to fi…
Is there a way to identify developer/name of this t**p? I am struggling to find correct documentation.
EDIT: so no docs found... But blindly searching for attacks for that kind of service helped.
@phycomp said:
(Quote)
In docs of this app you can find the file type that determines how the application works (if you are struggling to understand what this file is, look at examples in git repo), and the structure of client requests.
…
Can someone give a hint about solving Secret Message? I tried some auto tools on encrypted.txt and none of them gave a good key, so I started doing stuff manually, I think I got the correct first 5 letters...
EDIT: so good auto tools exist, it is …
@commercialeer said:
(Quote)
If you are talking about the first script (from web server) - look for comments in code from the author, if the developer does not particularly understand how something should be done, then this something has hig…
@ghost5egy said:
(Quote)
On the main page you can find direction (file in dir), you can try to find this 'directory' manually or use small wordlist of very common dirs. It is important to look at the very specific error messag…
Can someone help with overflow?
I have working script for my local machine, but in jet machine it prints some strange characters in the middle of execution and then fails, can't understand why.
EDIT: proper tty is critical. You can find methods by…
So, does anyone know how to make machine understand queries correctly and not give "but i'm single" "select few" "err err" instead of actual words? I am using tts org with male voice. I am trying to add spaces to make a…
Any hint on command's payload/action?
I can do simple stuff, but if I try to manipulate potential target (found only one in dashboard) it is just not happening.
EDIT: So, manipulating potential target (doing XSS) is pointless indeed. Look for vulns in un…
Can someone help me with initial malware drop?
I think I obfuscated all scary words in script, then clippy-added script to doc, but something is still blocking malicious stuff. I can send you vba and clippy command in PM.
EDIT: so vba not needed, I tho…
Could someone explain how I can interact with, I suppose, contract? I am using a python script and can call function, but getting < error. And if I am sending input to this function I am getting wrong number of args error, which is strange, can't unde…
What could possibly be done with this uploading?
EDIT: Without knowing how uploading works it is really hard to highlight useful vuln from tons of strange search results.
I have absolutely no idea how people guessed right way to file in process.
If you are trying to enumerate all what you can, and then somehow combine it to way-to-go this is not that kind of machine, at least it is not for foothold's file in process.
I am writing a script to interact with internal service, used python and bash scripts to do it, but they both failed. Help?
EDIT: If you are writing a script with sockets or call and it is not working - consider using telnetlib, simple and efficient.
I am chaining vulns for foothold, I can see what can be used for getting shell, but my script is not working as I expect.
Edit: if you are trying to write your own stuff from the beginning and it is not working, consider using existing things on machine. …
Can someone give a hint for foothold?
I can see special service, but throwing random stuff in it does not sound fun. I checked for shellshocks, $(id) stuff - nothing.
I tried finding something on webserver (most of my requests get cancelled, even…
Looking for help with foothold:
I am trying to leak info from ftp, trying proxy-connecting from zetta to my server, but... I suppose, I cannot? Or is my command incorrect? Anyway, is it looking like the right way to go? If yes, can you consult me how to d…