FYI if anyone is stuck on this. Edit /etc/ssh/sshd_config and change "Port" to anything you want. SSH is only blocked on the standard port. I still wouldn't recommend leaving it enabled though, just start it when you need and stop …
Finally rooted. This one requires you to take care with your enumeration. I needed two nudges for user that I wouldn't have if I had been more thorough and thoughtful.
My only other piece of advice is to practice your file searching tools (grep, fi…
Rooted. Foothold was a pain but really, as people say: "don't overthink it". You found a file, think about the instructions and take them literally. There are many clues that hint to the next step at each point, read the files and think ab…
Bypassing the guard on this one has got me stumped. I've tried URL, Unicode, octal, hex, string concat, mixed-case, inline comments. Can any nudge me towards the right one please?
Ignore this, it's all unnecessary -_-
Rooted. Was fun!
Wasted so much time on the foothold by querying a higher port because a lower port initially timed out. The information you need is not present in that higher one. Don't make my mistake.
Secondly, a certain cook gave me a meal tha…
If someone can PM me a hint for initial foothold, I would be eternally grateful :)
I have reached the admin panel and got files onto the server, but none that I have tried will connect back to me to provide a shell.
EDIT: Nevermind, got in :)
Rooted. Wow that took a long time but was wonderfully educational. Thanks @MinatoTW & @felamos!
Foothold: Look around for something vulnerable to injection. Research how that works. Don't use the tool in the packet, set it up yourself u…
Can anyone throw a nudge my way please?
I have managed to get an Indian webshell using R**, but it is restricted and rather slow, so I am trying to get a more interactive one. However, I am unable to upload any files to the server as there are no w…
Finally! What a challenge that was :smile:
Huge shout out to @VbScrub for the fun box!
Props to @n00py whose hint got me over the last hurdle.
Thanks to both! :wink:
Completed start to finish on Kali alone. There are ways.