Last Active


  • Type your comment> @dragonista said: (Quote) Switching servers solved the problem for me :)
  • Type your comment> @syn4ps said: (Quote) OK, just have to wait a bit :) Thanks @TazWake
  • (Quote) Do you mean that it is accessible from the main domain once uploaded to the bucket?
  • Does someone have a nice article for root? Thanks!
  • Type your comment> @TazWake said: (Quote) Nevermind, I was tired and a moron at the same time... it said Remote port forwarding refused and thought it was because of the process spawning like crazy, but I did not realize that I was already occup…
  • thanks but the thing is that I cannot tunnel a port that is not opened because the process that uses it dies quicker than John Wick's victims. Im on VIP and havent launch the exploit yet. Ill try tomorrow :)
  • How do you guys manage to tunnel when the process comes and goes every second??
  • Type your comment> @philomath213 said: (Quote) OK, I think I got it :)
    in [MISC] QuickR Comment by syn4ps May 28
  • Can someone nudge on how to send the result please? Thanks!
    in [MISC] QuickR Comment by syn4ps May 28
  • Wow! user done! What a ride!!!
    in PlayerTwo Comment by syn4ps May 26
  • How do you run P******.*** ? Cannot readelf nada :/ walking it shows it contains an elf though :/ EDIT: OK, @seekorswim nudged me on how to approach the problem :) I got RCE, steak sauce!
    in PlayerTwo Comment by syn4ps May 25
  • Type your comment> @quantumtheory said: (Quote) Edit the picture, you will see something. Then, just decode. As I said, it's way faster if you script it, but it can also be done manually. As for m0rsarchive , just find a way to decode the pass…
  • I thought I add everything I needed, but somehow my curl post still says "bad_route"... Followed the doc to the letter, fuzzed the parent directory just in case but no creds received :/ Any help? EDIT: got it thanks to @dinosn who showed…
    in PlayerTwo Comment by syn4ps May 23
  • Similar to m0rsarchive but simpler. If you have done the former, this one is done easily :)
  • Haha that's the kind of challenge that once you start you cannot stop even though you know you will spend quite some time on it. Just wanted to check if it could be done 100% with bash... Yes sir! 60 lines of code, some headaches, and few minutes t…
    in M0rsArchive Comment by syn4ps May 21
  • Type your comment> @tilznit said: (Quote) ah, so when it is off, it is not really intented? It can be on sometimes? oO I don't think it is a rabbit hole as people here got it with the metasploit module. I have'nt changed the script, I just chec…
    in Cache Comment by syn4ps May 13
  • I have the pass and salt from the table but is it normal that the former is that short?
    in Cache Comment by syn4ps May 12
  • I don't get the hate, user was pretty dope!
    in Admirer Comment by syn4ps May 8
  • Rooted! Thanks @nasri136TH for the nudge ;) Nice box but I wasted a sh*t ton of time on user1 -> user2 escalation as the command that I first sent wiped clean the file I wanted to read... And it is possible to do that with all the files that bel…
    in Quick Comment by syn4ps May 4
  • Type your comment> @Dzsanosz said: > Can someone please explain me in PM, why am I getting these strange erros?? > - - [03/May/2020 13:43:22] code 404, message File not found > > I am going crazy... What is the ne…
    in Quick Comment by syn4ps May 4
  • Ah man that user part was great! Thanks @MrR3boot that was a nice learning experience!!!
    in Quick Comment by syn4ps May 1
  • Once logged in, should we wait for an admin to search for it bankrobber style? EDIT: nevermind, I think I got it :)
    in Quick Comment by syn4ps April 30
  • Kinda stuck at foothold. Do you use port 9*** with the newer protocol? I get Connection refused :/ EDIT: nevermind, I forgot it uses the other transport protocol. I still don't get any reply though...
    in Quick Comment by syn4ps April 29
  • Rooted with one API command and 2 clicks from the webGUI. The API doc is very useful.
    in ServMon Comment by syn4ps April 16
  • Root dance yesterday! What a journey! This has been the longest path to root ever! I learned a ton of stuff and rooting this beast was not easy... So my hints and thanks are: * foothold: find a way to bypass the WAF * crack those hashes (thanks @C…
    in Multimaster Comment by syn4ps April 13
  • Type your comment> @limbernie said: > Fun box. Good refresher on the directory that's light and all things Windows in general. I agree, I actually loved that foothold! However WTF with the flag?? I reset the machine twice already, the hash…
    in Cascade Comment by syn4ps March 30
  • I guess I need a nudge for root :/ anyone willing to throw a nugget?
    in Multimaster Comment by syn4ps March 28
  • Type your comment> @MrBlu3 said: (Quote) With the good hash function and rocks, you can crack them under 5 seconds :)
    in Multimaster Comment by syn4ps March 27
  • Type your comment> @moszkva said: (Quote) You should enumerate Domain Users using the same technique you used for the 17 users you found. However, I must say that even if I got a list of them, I could not authenticate with any of them :/ EDIT:…
    in Multimaster Comment by syn4ps March 25
  • Type your comment> @init5 said: (Quote) Same point, been stuck for hours. A nudge would be welcome :)
    in Multimaster Comment by syn4ps March 24

Howdy, Stranger!

Click here to create an account.