east

About

Username
east
Joined
Visits
28
Last Active
Roles
Member

Comments

  • edited
    in Obscurity Comment by east November 2019
  • Higher ports seem open though
    in Obscurity Comment by east November 2019
  • Rooted. Fun box! User: Once you find the login page, consider the name of the box. This will allow you to get some creds. You will likely need to write your own script. You don't need to guess. Root: gtfobins.
    in Mango Comment by east October 2019
  • Rooted, thanks @gall0ws for nudges. Fun box, difficult but doable. Good work @thek. Am curious if this can be exploited to get root shell or just read the flag? I did the latter. EDIT: nvm, I wasn't looking closely enough. User: Enumeration leads y…
    in Registry Comment by east October 2019
  • So I've successfully created a R*P attack to get user, and have the Root Password. But it doesn't let me use it to ssh into root. Am I going about this wrong? Edit: Got it. User: Go through the very useful Ellingson writeup (https://0xrick.github.…
    in Safe Comment by east October 2019
  • If you're stuck on getting user just make sure you properly decrypt the base64... I was being silly
    in Haystack Comment by east July 2019
  • see below
    in Haystack Comment by east July 2019
  • Got root finally, thanks @odinshell for the nudges
    in Writeup Comment by east July 2019
  • @govsec said: (Quote) Thanks, I ended up doing it with the exploit itself and the queen song wordlist. Now stuck on root. See the processes with pspy but don't know what to do with them.
    in Writeup Comment by east July 2019
  • Got the salt and pass, unsure how to proceed with these? Trying to brute force with hashcat but looks like it's going to take a while... I'm assuming there has to be a better way? Please DM if you can offer a hint.
    in Writeup Comment by east July 2019
  • Finally rooted, thanks @TGZed for the nudges!
    in LaCasaDePapel Comment by east July 2019
  • Was able to get user shell and see the vulnerability right in front of me, but am unsure how to exploit it. Any nudges? Will be hanging out on: webchat.freenode.net channel: lacasadepapel or DM me please
    in LaCasaDePapel Comment by east July 2019
Avatar

Howdy, Stranger!

Click here to create an account.