Attacking Common Services - Easy

I’m really stuck here. I have found a valid user but I can’t find which service to attack. Any hint?

I am in the same situation. I have managed to bruteforce all services with the provided wordlist with no positive results, but not the FTP. Now I’m seeking a way to brute force FTP in the expected way. For now, I can’t see appropriate ways any more to get a flag within the context of this module.

Once you have found a valid user, try to bruteforce that service which you used to identify the user. Also try other wordlists.

Thanks a lot, friend!
Your hint did work.

I logged in to SMTP with the bruteforced user, but I can’t find any flag. Does anyone know what to do?

I uploaded a shell to the server, but only 2 commands are working: dir and whoami. Does anyone have any reference?

Can anyone give me a hint on where to bruteforce? It seems like the only solution is simply bruteforcing, which should be the last resort.

Hello, I need a big hint please.
What I can do is, I can write files to the server via SQL and load_file(). But I can’t get my reverse shell running.
In the documentation I noticed a folder \xampp\htdocs, but I can’t execute the file that I put in this directory.

After finding the service user and bruteforcing the password with a second wordlist you can log into another service where you find hints regarding a 2022 CVE. PHP webshells are your friend!

I think I am making progress on this… I got as far as finding user and password. However, I can’t seem to do much with this information. I can connect to FTP but cannot see any files in there. I can connect to MySQL but so far I don’t see any good information in there. It seems like I can write files and read files from the MySQL server. But I am struggling with how to access the files with anything aside from MySQL queries. My question is: if I write a PHP shell to the database, how do I find it to use it in the web browser?

I got it! Searching for document root helped…

Question, the flag indicates there may be another way to get the flag? Did anyone find another method?

Read files from the FTP server.
Know where to write your shell.

It takes time to show files in the FTP server; just wait a minute or 2.

I found a user f*** by SMTP enumeration. Could you please give me a hint for which service I should brute force the password, and should I use a mutation wordlist?

Hey guys, I need some help please. I can execute a web shell on the C:/xampp/htdocs/ but the only command that executes is whoami, which gives me nt/authority.

Hey can you pm me and let me know how exactly you were able to write files with mysql?

Hey, I got a PHP webshell, but I can’t see any files except the xampp folder…
Can somebody give me a tip?

I think you’re supposed to get a reverse shell from that webshell.
I tried many payloads to get the reverse shell but it is not working. I’m stuck now.
Edit:
OK, I solved it.
Hint: try to discover which OS you’re dealing with and choose the appropriate payload for it.

Try to discover which OS you’re dealing with and choose the appropriate payload for it to get a reverse shell.