leorac

About

Username
leorac
Joined
Visits
214
Last Active
Roles
Member

Comments

  • Rooted! Some hints: * Foothold: how do you say you've not to bruteforce? You have to! But you have to craft your wordlist. Unless you're a genious of guessing :wink: * User: what is the first step you do when you get a shell exploiting a php applic…
  • Rooted with Shell. Nice machine and nice way to do some publicity to yourself @Xh4H ;)
    in Traceback Comment by leorac March 2020
  • Got the root finally. For final step, dont' ignore the .exe file you got. What can you do with an exe file if you're not able to run it? Maybe tear it apart? ;)
    in Nest Comment by leorac January 2020
  • Type your comment> @prahar said: (Quote) Remember that sc.exe and sc are two different things ;) However, rooted thanks to @scipher
    in Resolute Comment by leorac January 2020
  • Rooted! Initial foothold: too much easy User: don't try to bruteforce the pass, bruteforce the key ;) Root: Simple but tricky... one advice: when you read gtfobins, the most important part is the first line, where it talks about a very small editor.
  • Rooted. Finding the seclists.org vulnerability article is the key. You can also achive root by fuzzing the script parameter, but you will got the shell not knowing why lol
  • > @amshusky18 said: > Guys, Any hints on Priv esc? I'm stuck after user.. I read the clues mentioned above, but not sure what to do about it.. sometimes you cross the H2O going through a tunnel ;)
    in Hawk Comment by leorac July 2018
  • Incredible root! So simple but clever. Learned a lot with this box!
    in Stratosphere Comment by leorac July 2018
  • Thank you very much!
  • Got root flag. The most anoying root i got!
  • Got root. Very very interesting machine and very interesting technologies involved. PM if you need help.
    in Canape Comment by leorac June 2018
  • any hint on how to exploit the viewstate?
    in Bounty Comment by leorac June 2018
  • (Quote) Spoiler Removed - Arrexel
    in Bounty Comment by leorac June 2018
  • > Maybe you're not looking for a directory ;) Done that too... But I'll try more ;)
    in Bounty Comment by leorac June 2018
  • Any hint to what to find with dirb? Can't enumerate anything apart a iis dir and a forbidden upload dir
    in Bounty Comment by leorac June 2018
  • i've done the reverse using nc ipaddr port but the connection die istantly. Any other type of reverse doesn't work. Any hint?
    in Canape Comment by leorac June 2018
  • (Quote) don't think about the script. Think about the admin that is constantly logging in.. like it was a real person. What should you do to steal his password? ;)
    in Aragog Comment by leorac June 2018
  • Just rooted this machine. I've learned a lot but is a very strange asset! PM if you need
    in Aragog Comment by leorac June 2018
  • (Quote) There must be a father with 3 sons ;)
  • Owned... pm if you need
  • rooted, pm if you need
    in Valentine Comment by leorac June 2018
  • rooted, pm if you need
    in Poison Comment by leorac June 2018
  • Rooted! PM if you need
  • got the user. PM me if you need something. Any hint for the root? can't find anything
  • Spoiler Removed - Arrexel
    in I Know Mag1k Comment by leorac May 2018
  • Can anyone help me? i've tried the bitflipping with burpsuite grepping the username on profile, but the problem is that i don't get error and so i'm not able to enumerate the users to find others. Can anyone give me a hint or PM me?
    in I Know Mag1k Comment by leorac May 2018
  • (Quote) maybe he want the username in the json payload exactly as the original one? ;)
Avatar

Howdy, Stranger!

Click here to create an account.