Rooted! Thanks for those helping me!!!
@Morf said:
Hi All, as Deus9 posted I am sitting in the same boat. Can someone please assist here I am banging my head against the wall. Please PM me
Did you try a simple payload (like pinging your IP with -c 2 
and capturing ICMP on your tun0) to see if the pings arrive and your injection worked? If so, perhaps your payload is off or uses tools that are not on the box.
Hello guys
Ive been struggling for so long on the privesc part. I read all the papers i could find related to the attack but i fail to reproduce it on the box ><
Can someone PM me for some guidance ?
Thanks
I dont know what I’m missing on this one…Discovered s*** running and have been trying to enumerate to find serial #. MSF modules dont yield any information either. Anyone have a tip for getting user?
As mentioned by Jkr. I did a ping test and used Wi**s**** to capture the traffic. It worked but for some reason the I the n* function has no success. Please assist please PM me. Thanks
Finally got this rooted! This was quite interesting and took me back to university network books and what not. Really awesome challange @snowscan !
Got root!!!.. 
Got lucky since somebody is working on it…
Lost the fun…
For my privilege escalation, none of the b** h****k tutorials helped. In fact, they were outright confusing because of minor mistakes. In the end, basic common sense in network troubleshooting prevailed. I’m so going to do a write-up on this to document my journey.
hey guys so i did snmp_login from metasploit and i see it says successful.
but when I do snmp_enum everything shows up blank like this:
[+] 10.10.10.105, Connected.
[*] System information:
Host IP : 10.10.10.105
Hostname : -
Description : -
Contact : -
Location : -
Uptime snmp : -
Uptime system : -
System date : -
[] Scanned 1 of 1 hosts (100% complete)
[] Auxiliary module execution completed
ANy reason why I am getting this error?
@HopeHasAPlace said:
hey guys so i did snmp_login from metasploit and i see it says successful.
but when I do snmp_enum everything shows up blank like this:[+] 10.10.10.105, Connected.
[*] System information:
Host IP : 10.10.10.105
Hostname : -
Description : -
Contact : -
Location : -
Uptime snmp : -
Uptime system : -
System date : -[] Scanned 1 of 1 hosts (100% complete)
[] Auxiliary module execution completedANy reason why I am getting this error?
Use s**pw**k my friend, to walk the entire MIB hierarchy starting from the root. I leave it to you to figure out how to do that.
@limbernie said:
@HopeHasAPlace said:
hey guys so i did snmp_login from metasploit and i see it says successful.
but when I do snmp_enum everything shows up blank like this:[+] 10.10.10.105, Connected.
[*] System information:
Host IP : 10.10.10.105
Hostname : -
Description : -
Contact : -
Location : -
Uptime snmp : -
Uptime system : -
System date : -[] Scanned 1 of 1 hosts (100% complete)
[] Auxiliary module execution completedANy reason why I am getting this error?
Use s**pw**k my friend, to walk the entire MIB hierarchy starting from the root. I leave it to you to figure out how to do that.
roger that
■■■■ finally rooted, that took me some time lol. Thanks @limbernie and @DaChef for their time helping me out.
Someone can help me with the privesc, i am read all the forum and i still working on it , thanks in advance.
Just got a reverse shell and I’m in the host, but can’t figure out how to own the system… if someone can PM me directly, I’d appreciate
Can anyone give me a hint on trying to get user? I’m in the admin console and what next?
I think i need some help on what i important information i should look for,
Once you get to that /de*** page, what is actually important to note there ?
to use something like sear******** afterwards
Feels like there can be a reverse shell, but i can’t quite put my finger on it
zhazhazha
I have no idea of how to approach this. I have tried the spwk and spc**k and I am not getting any info. Someone please PM me and give me a nudge or refrences. Thanks in advance.
Privesc is killing me… tried so many different approaches and nothing so far.
What I’m trying to do is adv the network that has issue and listening with t***p.
I can see the b routes been advertised but nothing else interesting.
Might need to change my game plan.
Can anyone help me?
Found the SN#*********, then manage to connect to the webserver but i dont really know what to do next ? any hint ? am i supposed to find an uploader ?
thx
EDIT : Got user, no uploader need for this, its called Remote Code Execution so try to find user entry and exploit it…