dontknow

About

Username
dontknow
Joined
Visits
1,197
Last Active
Roles
Member

Comments

  • [long and kinda misleading question about cve] EDIT: got www shell\nCheck what special chars are not allowed in desired field. Remove them completely, you can divide rce into as many parts as you want. I wonder if it is possible to crack hashes fro…
    in Wall Comment by dontknow September 2019
  • I wandering how to make sqlmap do things for me in w***s. I tried capturing request with wireshark, seen specific protocol, and data sent looks very simple, i just dont know how to specify it. Can you give me a push of how to get db mane for access …
  • Hint for user: search something similar to msg from .jpg in all index data from :9200 Search until you find all parts. Can someone point me on what to do as banana user? I can see this user running app, but it does not look like app contains someth…
  • Can someone help me with foothold-user? I found .img and dir with ***cat files in it, but i have no idea how they can be useful. Also found some methods, but cant properly interact with them yet.
    in Arkham Comment by dontknow July 2019
  • Type your comment> @hansraj47 said: (Quote) That really looks like answer about PUT. I wanna confirm, are you talking about TRACE or PUT?
    in Arkham Comment by dontknow July 2019
  • Can someone explain why that "Potentially risky method" on 80 port does not work as many whitepapers tell it should work? And maybe you could send me articles about exploiting this kind of vulns?
    in Arkham Comment by dontknow July 2019
  • Any hing about escaping **-pc? I found new web server and potential username in to-do, but dont know password. EDIT: If you struggling with gogs password - take a step back, and from your first docker enumerate common places where something stores …
    in Ghoul Comment by dontknow July 2019
  • Can someone explain how i can extract hashes from that admin instance? I tried modifying file handling hashing, but always get syntax errors, unexpected line breaks and other python stuff.
    in Fortune Comment by dontknow July 2019
  • If you are trying to crack ssh passphrase dont waste your time with rockyou or any other large wordlist - use custom (maybe cewl'ed) wordlist.
    in Ghoul Comment by dontknow July 2019
  • Does any one encountered "cannot access" error on mounted inner file system? Or maybe it should be mounted somehow in a special way? EDIT: Never mind, debug sayed that resource was busy, and my ssh key got revoked.
    in Fortune Comment by dontknow June 2019
  • Can someone give a hint what to do inside backdoor? *** shells seems not working, ***info did not give anything that interested me. I sometimes trigger Japanese city, but i dont know what exactly couz this behavior, can someone explain? And how can…
  • Type your comment> @TazWake said: (Quote) I suppose you mean that overflow in x32 apps occurs in $esp, and in x86_64 in $rsp,$rbp. And i need calculate overflow length, right? If yes - for start i need set break on something checking my input, …
    in Ellingson Comment by dontknow June 2019
  • Type your comment> @TazWake said: (Quote) No, should peda checksec give me a hint about it?
    in Ellingson Comment by dontknow June 2019
  • Can someone give me example/send me material how i can locate overflow length when i can not read esp?
    in Ellingson Comment by dontknow June 2019
  • Spoiler Removed
    in Ellingson Comment by dontknow June 2019
  • What's wrong with this password? I found and cracked one hash, of course it didn't work. Remembered post about passwords from Plague, modified pass few times - nothing worked. EDIT: Plague's post gives you hint about what type of passwords you can e…
    in Ellingson Comment by dontknow June 2019
  • If your python http server gives 404 on files which you definitely have - consider switching to apache with proxy.py.
  • [solved question about uploading] If u need help with addon uploading part - feel free to PM me.
    in onetwoseven Comment by dontknow May 2019
  • deleted misleading comment
  • Can someone give me a hint about sftp part? I tried creating links, but i limited in web root (www), so i didn't manage browse something interesting. And i tried uploading shell and giving 777 to it, but getting 403 all the time. What am i missing? …
  • Can anyone give me a hint what to do after getting w****-da****? EDIT: He used the same password even there... EDIT: Rooted, PM me if u need help.
    in Chaos Comment by dontknow April 2019
  • Another deleted misleading comment, feel so uneducated...
    in Vault Comment by dontknow April 2019
  • deleted misleading comment
    in Vault Comment by dontknow March 2019
Avatar

Howdy, Stranger!

Click here to create an account.