Type your comment> @TazWake said:
Nevermind, I was tired and a moron at the same time... it said Remote port forwarding refused and thought it was because of the process spawning like crazy, but I did not realize that I was already occup…
thanks but the thing is that I cannot tunnel a port that is not opened because the process that uses it dies quicker than John Wick's victims.
Im on VIP and havent launch the exploit yet.
Ill try tomorrow :)
Type your comment> @quantumtheory said:
Edit the picture, you will see something. Then, just decode. As I said, it's way faster if you script it, but it can also be done manually.
As for m0rsarchive , just find a way to decode the pass…
I thought I add everything I needed, but somehow my curl post still says "bad_route"... Followed the doc to the letter, fuzzed the parent directory just in case but no creds received :/
EDIT: got it thanks to @dinosn who showed…
Haha that's the kind of challenge that once you start you cannot stop even though you know you will spend quite some time on it.
Just wanted to check if it could be done 100% with bash... Yes sir! 60 lines of code, some headaches, and few minutes t…
Type your comment> @tilznit said:
ah, so when it is off, it is not really intented? It can be on sometimes? oO
I don't think it is a rabbit hole as people here got it with the metasploit module. I have'nt changed the script, I just chec…
Rooted! Thanks @nasri136TH for the nudge ;)
Nice box but I wasted a sh*t ton of time on user1 -> user2 escalation as the command that I first sent wiped clean the file I wanted to read... And it is possible to do that with all the files that bel…
Type your comment> @Dzsanosz said:
> Can someone please explain me in PM, why am I getting these strange erros??
> 10.10.10.186 - - [03/May/2020 13:43:22] code 404, message File not found
> I am going crazy...
What is the ne…
Root dance yesterday! What a journey! This has been the longest path to root ever! I learned a ton of stuff and rooting this beast was not easy... So my hints and thanks are:
* foothold: find a way to bypass the WAF
* crack those hashes (thanks @C…
Type your comment> @limbernie said:
> Fun box. Good refresher on the directory that's light and all things Windows in general.
I agree, I actually loved that foothold! However WTF with the flag?? I reset the machine twice already, the hash…
Type your comment> @moszkva said:
You should enumerate Domain Users using the same technique you used for the 17 users you found. However, I must say that even if I got a list of them, I could not authenticate with any of them :/