has anyone got foothold yet…
if yes can u please pm a little nudge…
If anyone got the user foothold please pm
I found soooo many files but i can’t find any useful information inside them, Can any one confirm if b*****al/ and b*******nt/ are rabbit holes?
is bruteforce intended?
Type your comment> @nox said:
is bruteforce intended?
I don’t think because it will took too long to crack it…
Spoiler Removed
anyone tried sqli the login page?
got a user potentially but struggling with a password!
from where are you getting the login page … ?
Type your comment> @Dreadless said:
got a user potentially but struggling with a password!
from which page did you discover the user ?
Has anyone managed to find a foothold? I’ve tried several enumerations but nothing.
more than 60 system owned and 50 user owned already 
but still have no clue how to proceed from the login page 
Spoiler Removed
that is the problem. everyone is trying to find the user and pass right now. I think 
Spoiler Removed
@Linoge said:
that is the problem. everyone is trying to find the user and pass right now. I think
80 people have already taken the car, but here are a few tips to enumerate
if we get a user we can use msfconsole 
Simple and straightforward box. Wasn’t a fan of the login guesswork, but everything else was pretty good.
Login - Try some fuzzing to get the first thing you need – the “usual” wordlist might not have it. Specifying extensions is important. The second thing you need is already in front of you. A common tool and a prewritten script online will figure it out to get you logged in.
User - CVE and some file enumeration will get you there.
Root - Check your capabilities.