I need a small nudge for root..
so I have all the various files, got user.txt..
found some interesting things in the incident files.
Also found some articles talking about the compiled file..but struggling to connect the dots....
Update: so after s…
anyone care to give me a nudge?
Am still in the user stage. Have however been able to log into jail.
Then exploited it which gives me ability to read files..
found some interesting things but it's not showing me full content of the files.
not sure w…
keep in mind that a website can have multiple faces... so based on the request the webserver serves different content.. so hammering port 80 might not show anything to you... but a "different" port 80 does..
anyone able to give me a nudge on initial foothold. have found some things... but can't get them to work...
update: ok.. so I have a bit more.. found a way to get the box to access something I am hosting.. but still no further luck
Would someone be able to point me to some good reading resources / provide a hint?
Got some credentials, am able to generate a token, know of a specific function that can be abused.. but how...
*update - thanks for the people giving a nudge. finall…
anyone care to give me a hint on this one?
got some keys, made a cert, opened a site I couldn't access before where again I can generate keypairs..
but then what...
^ never mind... had some stupid terminal glitch messing up my keys
Anyone able to give me a push in right direction?
I can access the high port but need to login there... no creds found for that :(
assume something to do with initial foothold but looked at all commands I have there but don't seem to able to grasp h…
ok.. so logged in on the web page.. pulled some notes..
connected to a different service where I can read and write files..
but then what :( probably something basic..
if anyone can send me a small nudge.. would be much appreciated.
think about the platform bounty is running on.
And that goes from multiple angles... what web server is running and what kind of files are associated? and what OS is running and what can you do with that?