Attacking common applications | HTB Academy

Hi, I made this topic for this module beacuse I found it very hard in some questions, and there’s no hint.
Does anyone know how to solve the osTicket question? And what about other notable application? I tried everything with nmap, gobuster, hydra but i go nowhere

1 Like

For osticket, just follow the instruction in this module

  1. Login with agent credential
  2. Check previous ticket history ( you will have the answer)

I am also stuck at the “notable” and “attack gitlab” section

I can’t find the agent credential. I found git as external portal, i registered an account with the ticket email but nothing. Could you give me an hint?
I did “attacking gitlab”, to solve you can try to use the code that you find on the exploitdb links

Take a look at the email address start with kevin******* and the login page below it.

For “attacking gitlab”, I used the script from exploitdb and wordlist xato-net-10-million-usernames-dup.txt. Eventually, I managed to find a couple of valid username such as “help, public, hacker”. But none of them is the correct answer. So I am not sure what I have missed.

Try rockyou.txt list for password and cirt-****.txt for usernames

Hi everyone! some of you have been able to pass the skills assessment 1?
specifically the last exercise on getting a shell?

any hint or methodology would greatly appreciate it as I tried various ways without success including metasploit

I used several dictionaries and with one I managed to find the correct user, I don’t remember which one it is, but if it comes inside the virtual machine, I recommend you try several and it will come out if you have problems, I can help you!

Hi, are you got the flag? If not i can give suggestion that Tomcat 9.0.0M1 is vulnerable for one of lastest CVE in module “Attacking Tomcat”. But I have too troubles for getting flag too :frowning:
Help me if you solved it :slight_smile:

Hi, for tomcat you have to use the cgi-exploit, with gobuster or fuzz you find a *.bat file and use it for rce.
If you need other hints text me

1 Like

hey bro.i can not find user for gitlab.can you help me please?

can u help me please.i can not fine user for gitlab

Did you already try with different wordlists?

hi, ive founded user with cirt*.txt wordlist from cheatsheet and hint in example

1 Like

i use gobuster to enum http://ip:8080/ but i cannt find .bat file.can you help me please?

Are you still stuck on the gitlab question?

no i solved it.thank you brother

Hi. Can you give a hint about password for gitlab user? Ive tried a first 10000 of rockyou but nothing done

dont need to find password for gitlab.just look at gitlab section again and see how you can access information and repositories

1 Like

And so one. Can you please give a hint for WebLogic RCE? Ive tried some of PoCs but it done nothing

did you find the password?