sk2k

About

Username
sk2k
Joined
Visits
85
Last Active
Roles
Member

Comments

  • (Quote) Yea don't overthink this, its nothing complicated
    in Valentine Comment by sk2k May 2018
  • (Quote) Have you enumerated all the dirs/files?
    in Valentine Comment by sk2k May 2018
  • (Quote) There's a few different files, if you find the right one you might be able to find a few bits of information in it, but you might need to ask you're friend john to help you read them. (Quote) If you dont have a meterpreter shell, maybe you …
    in AX Jeeves Comment by sk2k May 2018
  • I feel i fumbled my way through a lot of the start of this one, so take my advice with a grain of salt. If you see the timestamp, you have the right parameter, now you just need a value... just repeat what you've done until now for it, look for an…
  • (Quote) i dunno man, i'm pretty sure there's plenty of things you can pass to it that'll run
    in Hint for Sunday Comment by sk2k May 2018
  • (Quote) If you have shell access, take another look into the services you know are running, take a look if there's any messages left that might leave a clue on what to attack
    in Aragog Comment by sk2k May 2018
  • Just a warning, i had both the valid exploit with valid shellcode, when the machine has just been reset it works fine, but any other time it just doesn't connect back. So just be aware, just because its not connecting or stable doesn't mean you are…
    in Chatterbox Comment by sk2k May 2018
  • (Quote) Spent ages trying to figure this out and ended up on the next step early through enum... So not sure how big a hint this is, but try and ssh manually
    in Aragog Comment by sk2k May 2018
  • Jeez, finally got a working shell that lasted longer than 20 seconds and rooted, glad to be over this one, the inconsistent shell was driving me mad
    in Chatterbox Comment by sk2k May 2018
  • (Quote) That's one way, but its really not needed, think people doing it that way and screwing up is the reason the box keeps breaking, if you read the manpages there's other ways.
    in Hint for Sunday Comment by sk2k May 2018
  • (Quote) Check if root is running anything interesting
    in Poison Comment by sk2k May 2018
  • (Quote) Best advice I've seen is what is the format of the t***.*** file... and how can you use that with the other one.
    in Aragog Comment by sk2k May 2018
  • (Quote) Find out what commands you can run... then think about how you can use it to either get a shell escalation or skip the shell escalation entirely
    in Hint for Sunday Comment by sk2k May 2018
  • (Quote) as valentinelocke said, make sure to run a full nmap scan, if you know the users and a valid entry point, then you need to make some educated guesses to gain a shell
    in Hint for Sunday Comment by sk2k May 2018
  • yea, turns out someone had overwritten something they probably shouldn't have (it worked, but decent chance of breaking the box)... but my way was still viable for reading the root.txt anyway.
    in Hint for Sunday Comment by sk2k May 2018
  • really depends if you are more comfortable with linux or windows, but i found nibbles is the easiest to get root and user poison is easy enough with user, and root isn't to hard valentine is pretty easy if you know the exploit as well
  • not sure if I did the root exploit properly as a ton of people where messing with the machine... and i'm not sure if they've changed a file a little (machine was going down every 5-10 mins, and tons of system files getting wiped) machine was quite …
    in Hint for Sunday Comment by sk2k May 2018
  • (Quote) One of the wordlists you mentioned should have bought back something, maybe you overlooked the results? Don't worry about extensions.
    in Stratosphere Comment by sk2k May 2018
  • Hit the same issue as a few others, have the RCE and a few credentials which don't appear to work in several locations I've tried. Can anyone PM me a hint of what i'm looking for to progress, any help appreciated.
    in Stratosphere Comment by sk2k May 2018
Avatar

Howdy, Stranger!

Click here to create an account.