meni0n

About

Username
meni0n
Joined
Visits
864
Last Active
Roles
Member

Comments

  • This box is so buggy. i've been uploading the file and running responder for 40 mins now. In wireshark I can see the handshake start and then the box sends a RST packet. Do these boxes get tested
    in Sizzle Comment by meni0n January 16
  • Maybe add a category column in the box listing and assign CTF or Real-World value to boxes that come out. Try to release a box of each category weekly? I too don't enjoy the CTF boxes much. I did 30 days of Offshore and let me tell you, I learned a …
  • Can someone help with encrypting the payload please
  • Getting user was harder than root... i didn't know that it was possible to do what it was doing.. learn something new everyday I guess...
    in Teacher Comment by meni0n December 2018
  • @0xlc said: is play*** a rabbit hole? No it's not
    in Frolic Comment by meni0n October 2018
  • Was thinking of getting it but you got to redo the exam every three years it seems... Not really what I would want to do. If you got the OSCP, you still got to pass the CPSA...
  • > @tigr8787 said: > @meni0n Try using a different method to generate the payload. Hmm I can't really find any other tools to generate a .r** I tried two different msf modules and a script off github but no shell 😞
    in Reel Comment by meni0n August 2018
  • No idea why I can't get a reverse shell on this. I am using the service to send a specific file format that I generated with a msf module but I can never get a reverse shell....
    in Reel Comment by meni0n August 2018
  • I'm doing this now. Would love a hint... does this need a BO....
  • Keeps crashing on smb on VIP
    in SecNotes Comment by meni0n August 2018
  • What command can you use when using the s****t ?
    in Dab Comment by meni0n August 2018
  • i think I know what service to exploit but I can't get to the service... can't someone help out?
    in Reel Comment by meni0n August 2018
  • @mitm3r said: > @meni0n said: > I don't understand why my enum is not working. I talked to another person and their s**client was working fine but I keep getting connection reset all the time... Try Linux file manager …
  • @osama123 said: @midi said: Is the BoF in the exam similar to something like Chatterbox where you have to identify the service, then simply rewrite the shellcode of a pre-existing exploit script? Or do they expect you to write your …
  • Been reading the php files trying to find a way to exploit them but not really seeing a way.. can someone help out?
  • I don't understand why my enum is not working. I talked to another person and their s**client was working fine but I keep getting connection reset all the time...
  • I'v enumerated with gobuster and dirb using dirbuster list but not finding anything after getting into the first login.... can anyone send a hint?
    in Mischeif Comment by meni0n July 2018
  • Finally got root flag, man what a painful box....
  • @dm0n said: For the first part, you should watch some of gynvaels videos No idea what to do after that tho. Not very useful since it's not in english....
    in Blackhole Comment by meni0n July 2018
  • Even just trying a very simple wshell way is not going anywhere...
    in Bounty Comment by meni0n July 2018
  • Can someone help me out on how to pass that password to the service? It keeps giving me event not found error when I try to use it with the RCE. I tried all kinds of different quotes variations but still get the same error...
    in Stratosphere Comment by meni0n July 2018
  • Can someone please let me know what kind of payload to use. I know what file I need to upload but I keep getting 500 error whenever I try to access it after doing the upload
    in Bounty Comment by meni0n July 2018
  • I tried that password like 20 times... now it works... this machine sucks...
    in Jerry Comment by meni0n July 2018
  • I tried all the default credentials but still can't get it... what am i missing here...
    in Jerry Comment by meni0n July 2018
  • I hate these machines with just jerrys friend and no way to string together some exploits to get the login information. Throw me an lfi somewhere at least
    in Jerry Comment by meni0n July 2018
  • Is there only one service in this?? I'm having a hard time finding something to exploit....
    in Jerry Comment by meni0n July 2018
  • Thanks, tried installing docker in Kali but no success. Have to troubleshoot that now...
  • Is there an actual step by step tutorial on how to build this? There's not much information on git itself on how to build it.
  • Do you have to do anything to the password for the drop service?
    in Silo Comment by meni0n May 2018
Avatar

Howdy, Stranger!

Click here to create an account.