listening on [any] 4445 …
connect to [10.10.15.231] from haystack [10.10.10.115] 42512
bash: no hay control de trabajos en este shell
[root@haystack /]#
Gotta say, that was kinda hard. It helps to know a little bit of elastic in order to get there.
People have given enough hints for user. It truly is a needle in the haystack, and finding the haystack should be easy.
For root, you’re gonna have to pivot from the initial shell to another user somehow. Think about what’s running on the box and if it’s vulnerable to a documented exploit. If it doesn’t work the first time, don’t get discouraged. Literally move your things around and try again.
From there, think about what’s running as root. Enumerate what you’re allowed to do as this user that you weren’t allowed to do as the last. Read closely, don’t skip over anything. Think about how it’s configured.
Hey folks, I got the message from port 80, but didn’t get the hint :( Also, can anyone tell me what this DB thingy you guys are talking about is? Appreciate a little help.
When I saw “haystack” I had a feeling it would be a little too CTF for my taste. User was irritating because I thought I was pulling everything when I was only pulling about 10 records or so. Nobody’s fault but my own. When I got that, root was pretty fun. I didn’t know much about the ELK stack so this was a great learning experience. Thanks for this!
Can someone PM me? I’m pretty sure I’m very close on the syntax for dumping the info we need but I keep getting errors and am not sure what part of my command is going wrong.
I can search things across all indices and return more than the default but cannot find the needle. What is the hint being talked about on the website? I have looked at the metadata and didn’t see anything. Maybe if I could find the hint it could help me.
Uh, never mind on the hint. I needed to look a little closer.
I’ve dumped the entire database and so far found nothing useful.
Dirscanned the sites by IP and hostname, zero results and seems like no virtualhost routing. Haven’t found any software commonly exploitable.
Should I just keep looking at the database? I’m hoping I don’t have to copy/paste and translate all that Spanish.
EDIT: Got it. Just need to find a username.
Same. Got anything on the username?
I’m in the same boat. HINTS PLZ
I gave some hints before.
Do a quick Google search on what that high port is used for. Find the application’s name and google how to talk to it. It is well documented.
When you’ve found some document, try to find how you can extract data from it. It will have something called _x… that’s what you want to utilize to make your query.
You will need to SELECT the right command with _x…/s…
For root and first privesc to get out of the s******y user I am running an exploit based on a certain filthy animal, am I running the right exploit? I don’t want to run it unnecessarily since it’s a bit unstable :).