lol facepalm root. Bed, then breakfast, then coffee with a side of root.
Edit: well that took longer than it should have. Brainlock. Was so very very close for hours, had the pieces, then finally got it with a little nudge over the finish line. Nice and oldschool at the end.
Do you need to find the token string in order to generate the OTPs?
getting the token string is possible. it was late when i did it yesterday, so did not look into it that much. but from replies i got above it seems like something like that may be needed
Loved your creation @0xEA31. Great learning path to me. Though i’m still in progress but a brainstorming puzzle which really keeping me close to solve it.
I sorta ‘guessed’ the username from the comments. Now, how do I search for attributes in the four-letter directory service? Step up my enumeration game?
Rooted, thanks to help from that guy there ^^^, really go box that inspired to me write tool (doesn’t work here kinda on purpose, kinda not, but if you know how to do what you need to it can be tweaked that way) any, good box, if you need help feel free to ask. It’s not as hard as you would think given the amount of points you get, but if you just stumble upon stuff it can actually make it harder because there’s a logic that’s supposed to be followed.
I’m trying to enumerate the 4 char directory service but I can’t seem to get any output. Can someone tell me if I’m wasting my time or is this the right path?
Hey, It seems that the username is somewhat guessable… I tried bruteforce with big throttle and i couldnt find anything.I used some tool that extract words from webpages… Tried to follow every link to find some information/username but no results. Any hints?
I found a script that backs things up and I also found a way to exploit it, but I need some password to unpack it.
you don’t need to, figure out what the script is doing, there may be an exploit that you immediately see when you google it, but that exploit is nothing more than a hint as to how to root the box