Foothold: If you found initial vuln, take a look at something on the other port and enumerate. In kali you can find out the content of packet to fuzz with apt-file. If you found creds, google what founded roles give you, curl \ httpie \ ******-manager can help you to exploit in this situation.
User: take a look at some interesting file, you can bruteforce them. If it didn’t help you, think about how people are lazy.
Root: it is not necessary to use automatic scripts. Just enumerate manually. There is only one sploit for this missconfiguration in searchsploit Don’t overthing, try to find out more what your user can do on machine.
I found the T*****-.x with creds and could log into /H-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)
I found the T*****-.x with creds and could log into /H-M****** and stuck there. People all say read and dont skip over little details. I have read pretty thoroughly with no luck at this point. Nudges would be great. (Also have tried Curl instead of using browser to try and be creative, but unsure on how that could even help me any further)
This file contain roles besides login and password. Google what rights that roles give you
Could anyone tell me how can I read the xml file to get credentials
Use a web browser and look at what it has sent you.
Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?
It is certainly more “In your face” if you use burp, but it’s only a single click away in a browser and if people aren’t checking things like that, they really should.
Could anyone tell me how can I read the xml file to get credentials
Use a web browser and look at what it has sent you.
Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?
It is certainly more “In your face” if you use burp, but it’s only a single click away in a browser and if people aren’t checking things like that, they really should.
Ahhh, thanks guys, didn’t realise I could see in page source as well,
Could anyone tell me how can I read the xml file to get credentials
Use a web browser and look at what it has sent you.
Maybe look what it’s sent in Burp? I think some people have issues with looking in browser?
It is certainly more “In your face” if you use burp, but it’s only a single click away in a browser and if people aren’t checking things like that, they really should.
Ahhh, thanks guys, didn’t realise I could see in page source as well,
Feeling pretty frustrated rn, spent a good amount of time getting a low level shell, and now I’m struggling to transfer the 161*****.zp file to my local machine. Can’t use SimpleHSeer, so I’m really not sure how I’m supposed to take a crack at it.
If anyone could give me a nudge or a PM I’d really appreciate it
I know exactly what to do thanks to endless research.
However, my research will not help with the countless errors I am getting trying to do this.
It may be my sleep deprived mind. I’m going to try again later after a little rest.
In the mean time, is there any kind soul that would mind lending a hand in pm? I can explain exactly what I am trying to do and what is going wrong. Possibly a little more coherently after some rest.
I found the initial foothold frustrating as the container i span up to check the directory structure was different to that of the target. It made it difficult to see what was included.
user was cheeky and something I overlooked a few times. i will keep my lips zipped on this one though.
root was something I had never come across before. I had issues finding the correct path initially and it was a bit of up hill climb to the finish but a fun journey.