japh42
About
- Username
- japh42
- Joined
- Visits
- 218
- Last Active
- Roles
- Member
Comments
-
For me, the foothold wasn't too tough, but a failure during the enumeration killed about 6 hours of my time. See, when I enumerated, the tool I used told me that a certain thing was inaccessible, so I never tried to further enumerate it. Thus, eve…
-
@lebutter said: (Quote) Yeah, I rationalized it in my head by saying, "Well, maybe that user was attempting to authenticate to an unencrypted web-mail server link that I sent, except that's not what I sent, but I could have." :smiley:
-
(Quote) Yeah, I figured they had something scripted up to automate reading mail and clicking on things or executing attachments or something. I haven't stumbled upon the correct payload yet to get the target to reach back to my system...
-
Just started this box today. I've found multiple addresses and have been trying different bait to no avail. In real life you'd want to exploit a trust relationship between the sender and the targeted recipient to set the hook... Is the case here?…
-
Whew. Rooted. Foothold The initial foothold for this was what took the longest. I eventually had to follow the advice of some of the commenters and install a local copy of the service to find where important files were stored. Even with that, i…
-
That was an adventure! Rooted. The hardest part, for me, was getting past the login page. Despite it being easy and trivial for some folks, and while I'd read about those attacks and understand exactly how they work, I'd never had to actually do …
-
This was harder for me than it should have been, mostly due to time spent trying to get a functional foothold shell and trying to get the root part to work remotely. This was a struggle, trying to find a way to do it without having to use a tool wh…
-
(Quote) Watch the spoilers, please. :-D I saw your post, before it was removed, and was having the same issue you were, but then saw several people in the forums saying they didn't even use that tool at all but instead used a script developed by s…
-
Maybe I'm just blind, but is there a place in the new beta to view my current VPN connection information and statistics, similar to what is available on the older HTB "Access" web page? I looked for this info in the new platform but was u…
-
Rooted. There is an abundance of information here in the forums, which was good for me because I was really stuck on finding the file with the initial foothold username. Once I got that, however, the rest was pretty easy. Also, you can ignore the…
-
@Osiris21 Oh, no worries! I'm learning here as well, so when I noticed the problem and was able to get it working, I wanted to pass along what I'd learned. :smiley: @Osiris21 said: (Quote)
-
Just in case anyone is trying to solve this and comes across this post... I ran into this problem just now on Lame as well and was able to figure it out. My guess is the actual exploit itself has changed since the walkthroughs were written, or else…
-
Regarding metasploit, I ran into this problem just now on Lame as well and was able to figure it out. My guess is the actual exploit itself has changed since the walkthroughs were written, or else maybe my metasploit somehow was different. Anyway, …
-
I ran into this problem just now on Lame as well and was able to figure it out. My guess is the actual exploit itself has changed since the walkthroughs were written, or else maybe my metasploit somehow was different. Anyway, it appears the exploi…
