Carrier

need help I successfully logged in to the admin panel but need hind about what to do to get user.txt by “check”

Most useful advise here I could give about privilege escalation is to enumerate the service everyone’s referring to and look at some youtube clips regarding b** h******* to get familiar with the commands and v***** interface. Also it took me days to figure out that nc can’t simulate an *** daemon, so you’ll have to set up one yourself or do manual responses with nc like someone already advised, personally I used a python script I found on github. A tough box, but learned lots of stuff about networking! Next step is to find a decent book to get a bit more familiar with this stuff, any recommendations someone might have would be welcome.

All I can say is if you believe you know the privilege escalation attack vector and sure of it keep trying, you’ll get to it eventually.

Also look at s4rgey’s comment.

Before I go down a rabbit hole, can I get the s***** number i’m looking for by enumerating s**p . I’ve tried some basics and i’m getting nothing more than an ip back

scratch that - found it. Misusing tools :slight_smile:

Can I get a hint how to proceed? I have web login, i’ve gathered some network info from the tickets page but nothing seems to live on any of the /24s , I’ve read there’s a cve and have found some candidates but I believe I need a shell first. I can’t find any mechanism to upload a file or kick off any processes in the php pages. I know i’m missing something, I’m just not sure what!

I need some help on the reverse shell command. I’ve figured out RCE but cannot for the life of me find a working reverse shell command.

-deleted- Just machine unstable

I need a little hint… I’m not sure if I’m stuck in a rabbit hole. I got user and now working on root. Is it safe to assume that I need a shell on carrier to get root?

Type your comment

To start off I’m new to the hacking scene, i got alot of networking and some programming with me in to this! I’m pretty stuck at the moment i would say! I did get user pretty fast with the hints on the forum, but I’ve got real problems with the b** (familliar and have worked with the protocol) stuff. At the moment i dont see a way forward, I have read the configuration multiple times and tried som stuff to route me the traffic but nothing has worked… This might be due to me not having worked with kali that much and all of its capabilities but what would I know! I would love some hints/tips from the experts on here! :slight_smile:

Type your comment> @GeorgieH10 said:

To start off I’m new to the hacking scene, i got alot of networking and some programming with me in to this! I’m pretty stuck at the moment i would say! I did get user pretty fast with the hints on the forum, but I’ve got real problems with the b** (familliar and have worked with the protocol) stuff. At the moment i dont see a way forward, I have read the configuration multiple times and tried som stuff to route me the traffic but nothing has worked… This might be due to me not having worked with kali that much and all of its capabilities but what would I know! I would love some hints/tips from the experts on here! :slight_smile:

  1. you mainly need to figure out b** h***** method, ask Pakistan
  2. linux network commands

Type your comment> @peek said:

Type your comment> @GeorgieH10 said:

To start off I’m new to the hacking scene, i got alot of networking and some programming with me in to this! I’m pretty stuck at the moment i would say! I did get user pretty fast with the hints on the forum, but I’ve got real problems with the b** (familliar and have worked with the protocol) stuff. At the moment i dont see a way forward, I have read the configuration multiple times and tried som stuff to route me the traffic but nothing has worked… This might be due to me not having worked with kali that much and all of its capabilities but what would I know! I would love some hints/tips from the experts on here! :slight_smile:

  1. you mainly need to figure out b** h***** method, ask Pakistan
  2. linux network commands

Thanks Peek! Yeah I read about it before my last post, I believe I understand it as well and i have tried to figure out how to practically apply what i’ve read in this scenario but without any luck. could you point me in the right direction, documentation on how to do it, what is needed on the attacker side (my own b** a*?, specific rs?, py server? and so on… I think that the main problem is the methodology to actually carry it out.

Im in the same spot as @GeorgieH10 i can execute commands and get results but cant get an interactive shell. I would expect i need a shell to start changing b** config using their tty utility but im obviously missing something. Im curious what other people have done.

i dont think that you are at the same step. pm me

Rooted. Amazing machine @snowscan . Thank you for the nudge @peek

Hey, I have the shell on the system and see the diagram and the conf files… but I am very confused on how this network works and what all the traffic is. Could somebody help me get a better understanding of what I am looking at from a high level so that I can figure out what to do next? I am very new to networking.

I managed to login using serial number but now i stuck what to do next :frowning:

Type your comment> @izzul said:

I managed to login using serial number but now i stuck what to do next :frowning:

Check out what pages you have available and figure out how they might work

Hi i got user.txt already but im having trouble getting a reverse shell. I tried using p***** and n* but i can’t seem to catch a shell

Got user on the box, got an interactive shell, but having trouble with root. I’m guessing I need to change the b** protocol, but I’m a bit unsure about where to go with this. I’m thinking the t****** page is a hint at how to reconfigure things?

Hi after reading a few page on the forum I can not figure out my nmap scan… 161 is close and I try sever types of scanning so what’s going wrong? Any hint should be appreciated thanks

Founded lol waiting 20 min for a scan