Attacking Common Applications - Skills Assessment II

Any clues on how to get the Nagios user's password? Brute forcing is giving nothing so far and I can't find any readable directories or anything. Any hints would be appreciated.

Thanks

It’s OK, I found it… 🙂

Could you give a hint? Thanks

I’ve tried defaults and brute force and nothing.

🙂

GitLab…


Is the vhost also in GitLab? I’ve found the password, but not the vhost/URL to access the application.

The question states that GitLab is the vhost you need to use… if you can’t reach it, it’s probably your hosts file that’s the problem.

I can access GitLab; I couldn’t find the third vhost where Nagios is running.

Ah OK, sorry, I misunderstood… you cracked it now though, right?

I managed to get the reverse shell and the flag for the last question, but I am struggling with the URL.
I tried all variations, but it is hard when you don’t know the format they are expecting.

I’ve got the answer, but it seems the answer format should be stated, as the answer varied. Anyways, merry Xmas all.


Me too, how did you figure it out?

How did you guys get the script “gitlab_13_10_2_rce.py” working, please?

I do not get it. I have managed to see WordPress, trying to dock without success. I see the GitLab project, but with nothing that catches my attention. I’ve gotten some users for the GitLab login, and tried some passwords, but without success. And from there I don’t go. I can’t find the third vhost, nor can I brute force GitLab or WordPress or see where I can get the ■■■■ password or how to continue. Totally lost, any help please?


Hi @lxuxer, have you tried vhost fuzzing with ffuf? When you do it you will discover the third vhost. As for GitLab, you don’t need to brute force; remember that in the module it was said to always try to create a user in GitLab and from there see more projects inside GitLab.


Hi all!!! Could somebody please write the format of the URL that is required? And then he answered all the questions, but not the first … HELP

solved http:/


I got root on the machine, but where is the flag.txt? I can’t find it, can anyone help?

Inside the admin folder.

Try creating a new GitLab account and check all projects, maybe you can find something useful. 😉


How did you find the URL? I tried so many combinations but nothing…