HackBack

Type your comment> @n1b1ru said:

Type your comment> @rahul3515 said:

Type your comment> @AlbertJ said:

Stuck at the obfuscated JS and “Se**** L**** B*****” thingy :frowning:

Me too !! :frowning:

Same point

Which of the services had obfuscated js?

If only people would stop spamming that reset button…So many resets and so far I’ve seen no point in any of them…you just have to be very imaginative about what goes where and from where .

Obfuscated JS? I’m assuming people found the app on the high port?

Type your comment> @ltdata said:

Type your comment> @n1b1ru said:

Type your comment> @rahul3515 said:

Type your comment> @AlbertJ said:

Stuck at the obfuscated JS and “Se**** L**** B*****” thingy :frowning:

Me too !! :frowning:

Same point

Which of the services had obfuscated js?

Search on the high port service

anyone understood what to do with the js but doesn’t get the fish to bite? I’d love to share some thoughts/ideas because I am about to go mental here

deobfuscate

whoever is doing this machine, add ???#4870 on discor.d

Type your comment> @illwill said:

deobfuscate

oh yeah no I wasn’t asking what to do with that, I was more wondering about an idea exchange on how to proceed after

im there i got the cmds and some arrays but still working on what do with them to get rce or injection

deobfuscated the JS. Not able to decrypt the string.

Type your comment> @rewks said:

Trying to access we******.*** found through the JS, currently just keep getting redirected back to the functionless a****.*****. :expressionless:

Nvm… progress. I have a log file teasing me.

Have you had any luck reading it ?

edit: managed to read it

Congrats @arkantolo for the first blood. This one is Extremely Hard

Type your comment> @MrR3boot said:

Congrats @arkantolo for the first blood. This one is Extremely Hard

Ditto That !

Found the h*** command on port **** that lists the h****,p***,w*****,l***,i***,s*******,n*****,i****** commands and looked at each of those - didn’t find any obfuscated js. Am I looking at the wrong high port service?

Found go***** in there, but not sure how to interact with it.

Type your comment> @plonk said:

Found the h*** command on port **** that lists the h****,p***,w*****,l***,i***,s*******,n*****,i****** commands and looked at each of those - didn’t find any obfuscated js. Am I looking at the wrong high port service?

Found go***** in there, but not sure how to interact with it.

Have you done a full tcp port scan? Go higher :wink:

Type your comment> @rewks said:

Type your comment> @plonk said:

Found the h*** command on port **** that lists the h****,p***,w*****,l***,i***,s*******,n*****,i****** commands and looked at each of those - didn’t find any obfuscated js. Am I looking at the wrong high port service?

Found go***** in there, but not sure how to interact with it.

Have you done a full tcp port scan? Go higher :wink:

Yep, I also found that (matching the identifier in p*** against the entries in n******), but I do not seem to be speaking the right language to it :slight_smile:

EDIT: nvm, turns out I just needed to package my interaction in the right way. Now I found several targets likew**.f*******.*** and similar, but no obfuscated js.

Attempting to connect to myself using the obvious possibilities on the high port service, I get

connectex: An attempt was made to access a socket in a way forbidden by its access permissions.

Am I going down a rabbit hole?

Anyone knows what to do with a hash value & url encoded string which gives garbage value after decoding?.
got it :slight_smile:

Looking at names of logfiles. No idea how to read them? Any hints avail for this?

40pts… yeah, right…