Europa Initial Foothold

ah, I get it. Thanks

Any hints on bypassing the admin portal? Tried bruteforcing, no luck.

@hattonsec said:
Any hints on bypassing the admin portal? Tried bruteforcing, no luck.

Burp harder.

@likwidsec said:

@hattonsec said:
Any hints on bypassing the admin portal? Tried bruteforcing, no luck.

Burp harder.

Before I even get passed the login to the admin panel? I have not managed to log in yet.

@hattonsec ask yourself what can you do with web apps other then bruteforcing cred guessing?

Try to read the retire machine writeup (since it legal) , i learn a lot from it to get here.
it help with the beginning stage

@malex said:
Try to read the retire machine writeup (since it legal) , i learn a lot from it to get here.
it help with the beginning stage

^^^^ Some of the most over-stated under-rated advice that can be given. EVERYONE should AT THE VERY LEAST subscribe to Ippsec’s YT and spend an afternoon watching all of his vids. Even if you’ve done the box already. I’ve learned new things on every video he’s done on boxes I’ve already cleared - just because everyone sees things different ways. And Ippsec is pretty legit. <3

@likwidsec said:
Stare at Burp for several hours… :slight_smile:

There is another way…

I’ve min fiddling with europa all day and i can’t get nowhere. I have found the dns information with nmap and i can access the domain name, but this only gives me the default page. I have googled around for how hostname resolution works, but still nothing. Anyone care to push me in the right direction?

Try looking back at port your scan again.

I am still stuck at getting the default page. I have analyzed the output from nmap and i still can’t get to a certain protal. Can anyone please PM me with further hints?

Hi i am stuck on the admin portal.Can i ping someone about it??

Bypassed the admin portal, also knows what exploit to use to get initial shell, but don’t know how to use that exploit. Please guide me a little bit.

Everyone is saying the bypassed the admin portal. Does this bypassing involve burpsuite, or is burpsuite used after the bypass? redirects bypass?

@whipped you can use burp suite but you don’t need to.

I’m stuck in the admin portal. Working on a certain component but haven’t been able to get much farther yet. I’ve enumerated other directories, and limited content within one of those directories. Sitting at a stand still at the moment though. Tried some stuff on the page that accepts input, but nothing yet.

I’m confused when some people are saying you ‘stare at burp for hours’. Because you’re enumerating (brute forcing) directories / components? Or you’re sending requests on a certain page?

this was a confusing box. I think I paid to much attention to the comments here, burpsuite all day etc… there is a much easier way getting the initially foothold on this box. Priv.esc is easy.
:astonished:

@kophjager263 said:
@whipped you can use burp suite but you don’t need to.

I’m stuck in the admin portal. Working on a certain component but haven’t been able to get much farther yet. I’ve enumerated other directories, and limited content within one of those directories. Sitting at a stand still at the moment though. Tried some stuff on the page that accepts input, but nothing yet.

I’m confused when some people are saying you ‘stare at burp for hours’. Because you’re enumerating (brute forcing) directories / components? Or you’re sending requests on a certain page?

Just out of curiosity, I’m enumerating the directories I’ve found using the 2.3-medium wordlist that comes with kali. Are there better wordlists I should be using?

should be in your tool belt also.

“burp all day” is meant to get you to focus on what’s actually going on here and you’ll most likely never catch the actual parameter to use your payload against without burp. Or maybe you will, idk.

@whipped, not sure. I found a variety of directories but I’m not entirely certain there is anything of significant value in any of them. I found one file within one of the directories (0 byte) nothing seem to be useful to me at the moment. The entry point, once you’ve accessed the admin panel, will be one of those readily obvious components.

@likwidsec, thanks for that. I’m sure i will facepalm myself shortly LOL.