edit: That was easier than I thought it was going to be.
User: took me longer than it should have because I was for sure the method I was trying to get a foothold was the correct method, but I just couldn't get it to work
Root: pretty straightforw…
Foothold - fun. OSWE like, from what I hear (starting mine in a couple of weeks). Pretty easy, but challenging enough to make someone work a bit, especially if they aren't familiar with this exploit class.
Root - Was also not bad. But, well, I'm n…
Rooted. Struggled a while on the foothold after I got around all my 502 errors.
User was easy.
Root was funny because whenever i cat'd a certain file, I didn't see what I needed to see to privesc. Idk if my terminal was messed up or something, but…
Haven't had much time to work on this one, but every time I do, I get 502s on the g**.**********.*** page
Resets dont' work. At first a server change worked, but now it doesn't, and I'm too lazy to keep changing it until it works.
I think I'll jus…
Type your comment> @sx02089 said:
You know, I think about that a lot, and then I don't end up doing it until I reinstall the OS or VM. It would definitely be a good practice to update more often, haha.
I struggled a bit with getting the foothold. I found the method I was supposed to use in about 10 minutes, but I overlooked the part where you need to use a different sd. I spun my wheels there for a bit.
The path to root from foothold wasn't bad. …
It kind of combines my endless search for something new to learn. Computers/programming have always been a hobby of mine. I'll probably never work in the field since I already have a good gig, but "hacking" (I hate that word) in my spare t…
Also for the foothold, the way I found it was using a website that scans a certain file that is exclusive to the language involved in the blog. It parses the file and looks for vulns.
I found it like 5 minutes after the box was live. I was sure I w…
Type your comment> @sparkla said:
Just got home from working all weekend and rooted within a couple of hours. I spent 95% of my time trying to figure out what I had wrong in getting foothold. Seems to be par for the course for me.
Type your comment> @DancinHype said:
If we're talking about the same thing, I think we have to modify the payload and the encoding seems finicky to me, but I generally don't know what I'm going. lol
So I'm about 91.6% sure about the path to a foothold, I just am having a hard time installing tooling. For those struggling, think of the name of the box and what app is running something like the name, and what we commonly look for to exploit apps.…
Type your comment> @zer0bubble said:
As in you made yourself an account, or found some somewhere?
Edit: I don't speak this language. I don't think I need an exploit, per se.
Edit: If anyone is on here that has gotten a foothold, am I s…
Type your comment> @SanderZ31 said:
Will this involve installing some random software that isn't normally installed on linux/kali/whatever to access something? It's the only lead I have at this moment.
Edit: I don't think th…
Well, at least how I see it, "hacking" is learned by getting your hands dirty and figuring stuff out by reading blogs, watching youtube videos, and spending a lot of time in the mud. Don't be afraid of walkthroughs of HTB retired b…
Type your comment> @wazKoo said:
Yeah, I agree, that was a bit obtuse. I figured it out pretty much from luck and viewing source because I found it odd that this page existed, but nothing was there. It was kind of sticking out like a sor…
Type your comment> @TazWake said:
portswigger is underrated IMO, lots of stuff on there, great site.
If someone goes through all of that, it'd be a great foundation.
Not affiliated with any website, company, etc. Hahaha