Type your comment> @sulfacid said:
really? somebody changed user.txt flag. Why slow other people? are you bored?
It changes every so often now.
Type your comment> @sulfacid said:
really? somebody changed user.txt flag. Why slow other people? are you bored?
It changes every so often now.
Any hints for root?!
Thx @polarbearer and @GibParadox ! Super fun box. Good recap and learning experience, especially for an easy box! Part of the rooting process was new for me!
I’m stuck at a page that asks for creds. It doesnt seem to accept any that I offer it.
anyone around for a nudge ?
For an easy box, this isn’t going very easily. Found a whole bunch of creds & downloaded some files. Can’t quite seem to locate this login page that everyone is talking about. hmmm…
Type your comment> @gverre said:
Thx @polarbearer and @GibParadox ! Super fun box. Good recap and learning experience, especially for an easy box! Part of the rooting process was new for me!
Glad you enjoyed it!
Type your comment> @jiggle said:
For an easy box, this isn’t going very easily. Found a whole bunch of creds & downloaded some files. Can’t quite seem to locate this login page that everyone is talking about. hmmm…
Yes it was the worst part for me. But is not hard, I was tried that filename before with no result. But after I get some other items from the lowest service files, the filename work. Also with the basic web enumeration tools and wordlist you can get it. It start with a so no long time is needed )
Rooted. Kudos to the authors and @bertalting for the nudges.
Foothold: hard to give some hints without spoiling, but you should literally search for the things that “no one should see”. Very popular tool has special switch to search for multiple types at the same time. Use it
User: a bit of guesswork is mandatory. You do have clues, but most likely you’re looking for the wrong tool. Especially if you’ve never heard about the correct one. Machine name is a massive spoiler to get back to the right path.
Root: is awesome. just awesome
I need a little help with root please. had lots of ideas. but none have worked. PM me please I will share what I have tried
All Good!
Type your comment> @sulfacid said:
Type your comment> @jiggle said:
For an easy box, this isn’t going very easily. Found a whole bunch of creds & downloaded some files. Can’t quite seem to locate this login page that everyone is talking about. hmmm…
Yes it was the worst part for me. But is not hard, I was tried that filename before with no result. But after I get some other items from the lowest service files, the filename work. Also with the basic web enumeration tools and wordlist you can get it. It start with a so no long time is needed )
Yeah, I’ll probably feel like an idiot once I get it.
But so far that hasn"t happened :lol:
Type your comment> @jiggle said:
Type your comment> @sulfacid said:
Type your comment> @jiggle said:
For an easy box, this isn’t going very easily. Found a whole bunch of creds & downloaded some files. Can’t quite seem to locate this login page that everyone is talking about. hmmm…
Yes it was the worst part for me. But is not hard, I was tried that filename before with no result. But after I get some other items from the lowest service files, the filename work. Also with the basic web enumeration tools and wordlist you can get it. It start with a so no long time is needed )
Yeah, I’ll probably feel like an idiot once I get it.
But so far that hasn"t happened :lol:
I just found it & can confirm a feeling of idiocy is sweeping over me
Type your comment> @absolutenoob said:
Type your comment> @jiggle said:
Type your comment> @sulfacid said:
Type your comment> @jiggle said:
For an easy box, this isn’t going very easily. Found a whole bunch of creds & downloaded some files. Can’t quite seem to locate this login page that everyone is talking about. hmmm…
Yes it was the worst part for me. But is not hard, I was tried that filename before with no result. But after I get some other items from the lowest service files, the filename work. Also with the basic web enumeration tools and wordlist you can get it. It start with a so no long time is needed )
Yeah, I’ll probably feel like an idiot once I get it.
But so far that hasn"t happened :lol:I just found it & can confirm a feeling of idiocy is sweeping over me
Have same feelings lot of times when i try htb machines haha
Spoiler Removed
Spoiler Removed
Finally managed to get user, what a journey that was! PM if you need a push in the right direction or discord code0x13#4635
Rooted!
Learned some new interesting things
Thanks to @olsv and @thomsd for the nudges
Feel free to PM me for hints
Finished USER earlier this evening. Thanks to a few folks on here for keeping me on target. My advice for those in this phase…
Found the c*******.*** file, but ive been fuzzing for ages and haven’t found any creds. Can somebody give me a nudge?
Any hint on the login page?