Could somebody please help me out with the user1 > user2 code… I’ve been trying to brute-force it for 2 days now, beginning to worry that I’ll burn out my CPU!!
Happy to provide details of what I’ve been trying, just don’t want to put spoilers here. (Not that anything I’ve been doing is likely to be a spoiler… because it doesn’t work!!)
@lightfu said:
Could somebody please help me out with the user1 > user2 code… I’ve been trying to brute-force it for 2 days now, beginning to worry that I’ll burn out my CPU!!
Happy to provide details of what I’ve been trying, just don’t want to put spoilers here. (Not that anything I’ve been doing is likely to be a spoiler… because it doesn’t work!!)
Send me your code if you want. I bet you’re much closer than you think
I have never noticed but looping through each line of rockyou in Python gives me issues, i have to ignore several entries, it cannot properly decode some lines…
Force conversion to UTF8 and it should work !
I still haven’t figured out how to force this in Python (ignore, yes). I also can’t get the BF to work. Please PM if you can help.
Hi, I’ve tried my best to get something out of hints from all the previous posts, but getting nowhere. My current progress is at LFI. Able to read the web page source. Could someone provide hints?
Can someone explain to me why going from user1->user2 can only be done in certain directories? I tried in /tmp for an hour. I’ve rooted the box now, but I don’t really understand this one detail.
Thanks!
Edit: Thanks to @marlasthemage for doing some research on this, if anyone else is curious:
+1 @panic . I was just going to mention this. You should really look at the output of mount when you expect something to work but it doesn’t. Been stuck for way to long because of this detail.
Hello! I’ve gotten the creds for C*** and am working on the priv esc. I’m not really sure where to go with it. I’ve found /***/***/bp and ///er/e********.p and the other file in the e*****r directory but don’t really know where to go from there. Any help would be greatly appreciated! Thanks.
Edit: Got user! Shout out to @marlasthemage for the simple yet super helpful tip!
Like a lot of people, I am stuck with what to do with the db creds. I’ve already learnt some stuff, looked at some files but frankly don’t know where to go from here.
Any nudges would be appreciated for those with more knowledge than me.
Like a lot of people, I am stuck with what to do with the db creds. I’ve already learnt some stuff, looked at some files but frankly don’t know where to go from here.
Any nudges would be appreciated for those with more knowledge than me.
Same here - spent whole day to find a pass. Also gathered some more files from the machine…