yes i got, apparently someone deleted the password column, i had to restart the machine.
the way is on a CVE
Any nudge for *.12,
wfuzz seems to come up with something, but noting useful till now.
172.16.1.12/blog seemed interesting, I tried uploading php reverse shell. Didnot work.
Unable to solve this.
Also…mysql -h 172.16.1.12 -u root
ERROR 1130 (HY000): Host ‘172.16.1.100’ is not allowed to connect to this MariaDB server
Any tips on WS-02? I have owned all machines on first subnet except this one and SQL and Jenkins…
I believe this is the way to scan the admin subnet… but have no idea how. I have tried ftp and smb sprays with all collected credentials.
Yeah file upload is not the way on this one… try scrolling the mouse on the images there is an interesting parameter there that will lead to something. Grab the link and try nuclei
alright i have hit a wall. i have three machines that i dont have hostnames for, *.5, *.19, *.101. if somebody can recommend which to start with and maybe a nudge id appreciate it.
anyone willing to offer a nudge on how to move towards .19 and .5 , i have owned all the machines on the first subnet except the 2 mentioned
there is a file that you obtain on a previous machine that should help you with .101
done…Thank you…
Had to update my sql tool in kali. That was the root cause.
Hello,
I am stuck in privesc for WS03.
My payload is working well, the local connection is established but i cannot get the revershell working as i am not getting any answer untill i kill my process. I think it is due to my windows shell not being fully interactive
Any help plz ?
EDIT: GOT IT
Hi, i have done all boxes except .19 and SQL01 and i am stuck here … From what i read i have to pivot to admin network but i don’t have any clue from where … Help is welcome here …
check the privileges if you want the system
for .19 you should have found some credentials also applies to sql