It’s seem easy but not, lol
any hints?
There was very easy method on it, But it patched . Now Im still trying decrypt file. But there are errors on Hawk I think
The file is your way in, search methods via the openssl on how you can decrypt it.
I’m at that part, but I need credentials to decrypt it. Which I obviously dont know lol.
some hint about priv esc?
i dont know where to begin here not that good on web exploits, any hint for initial foothold
priv esc can be done with something you used to be unable to see, but after getting user, now you can.
Does anyone know why the box is so slow? People brutforcing the login page massively?..
@THYemre said:
There was very easy method on it, But it patched . Now Im still trying decrypt file. But there are errors on Hawk I think
Wait, are you saying the box was patched after it came up? Or what would have been easy entry on the box never was an entry point?
any hints on decrypting the file, I could try brute forcing, but that seem inelegant
Just bruteforcing will cook my pc. Hope its something else =/
Edit: well, guess it depends on the tool
@Parttimesecguy said:
any hints on decrypting the file, I could try brute forcing, but that seem inelegant
Sometimes being inelegant can be elegant … if you do it right 
so brute force is the answer? I haven’t had any luck if it is…
fun box
I found a tool in a repository, but I’m not sure if that’s the right tool as I’ve tried. Probably doing something wrong (wrong flags, wordlist)
i’m enum everthing but still have no idea how to find pass for user : d***** ?
any pointers on the wordlist? tried the usuals but nothing yet
@giido said:
any pointers on the wordlist? tried the usuals but nothing yet
maybe the cipher is wrong?
@giido said:
any pointers on the wordlist? tried the usuals but nothing yet
same boat
me too no idea