Type your comment> @n1b1ru said:
Type your comment> @rahul3515 said:
Type your comment> @AlbertJ said:
Stuck at the obfuscated JS and “Se**** L**** B*****” thingy
Me too !!
Same point
Which of the services had obfuscated js?
Type your comment> @n1b1ru said:
Type your comment> @rahul3515 said:
Type your comment> @AlbertJ said:
Stuck at the obfuscated JS and “Se**** L**** B*****” thingy
Me too !!
Same point
Which of the services had obfuscated js?
If only people would stop spamming that reset button…So many resets and so far I’ve seen no point in any of them…you just have to be very imaginative about what goes where and from where .
Obfuscated JS? I’m assuming people found the app on the high port?
Type your comment> @ltdata said:
Type your comment> @n1b1ru said:
Type your comment> @rahul3515 said:
Type your comment> @AlbertJ said:
Stuck at the obfuscated JS and “Se**** L**** B*****” thingy
Me too !!
Same point
Which of the services had obfuscated js?
Search on the high port service
anyone understood what to do with the js but doesn’t get the fish to bite? I’d love to share some thoughts/ideas because I am about to go mental here
deobfuscate
whoever is doing this machine, add ???#4870 on discor.d
Type your comment> @illwill said:
deobfuscate
oh yeah no I wasn’t asking what to do with that, I was more wondering about an idea exchange on how to proceed after
im there i got the cmds and some arrays but still working on what do with them to get rce or injection
deobfuscated the JS. Not able to decrypt the string.
…
Type your comment> @rewks said:
Trying to access we******.*** found through the JS, currently just keep getting redirected back to the functionless a****.*****.
Nvm… progress. I have a log file teasing me.
Have you had any luck reading it ?
edit: managed to read it
Congrats @arkantolo for the first blood. This one is Extremely Hard
Type your comment> @MrR3boot said:
Congrats @arkantolo for the first blood. This one is
Extremely Hard
Ditto That !
Found the h***
command on port ****
that lists the h****,p***,w*****,l***,i***,s*******,n*****,i******
commands and looked at each of those - didn’t find any obfuscated js. Am I looking at the wrong high port service?
Found go*****
in there, but not sure how to interact with it.
Type your comment> @plonk said:
Found the
h***
command on port****
that lists theh****,p***,w*****,l***,i***,s*******,n*****,i******
commands and looked at each of those - didn’t find any obfuscated js. Am I looking at the wrong high port service?Found
go*****
in there, but not sure how to interact with it.
Have you done a full tcp port scan? Go higher
Type your comment> @rewks said:
Type your comment> @plonk said:
Found the
h***
command on port****
that lists theh****,p***,w*****,l***,i***,s*******,n*****,i******
commands and looked at each of those - didn’t find any obfuscated js. Am I looking at the wrong high port service?Found
go*****
in there, but not sure how to interact with it.Have you done a full tcp port scan? Go higher
Yep, I also found that (matching the identifier in p***
against the entries in n******
), but I do not seem to be speaking the right language to it
EDIT: nvm, turns out I just needed to package my interaction in the right way. Now I found several targets likew**.f*******.***
and similar, but no obfuscated js.
Attempting to connect to myself using the obvious possibilities on the high port service, I get
connectex: An attempt was made to access a socket in a way forbidden by its access permissions.
Am I going down a rabbit hole?
Anyone knows what to do with a hash value & url encoded string which gives garbage value after decoding?.
got it
Looking at names of logfiles. No idea how to read them? Any hints avail for this?
40pts… yeah, right…