kotarak

@x0xxin nudges…any nudge?

i also noticed kotarak and haircut(retired machine) seem same

if you’re n00b like me, I suggest you stay off this machine, if you’re stubborn like me and like to bleed, then carry on, put your life on hold. With some nudges I got root after 4 intense days on this box.

when you are sysadmin, you like to read some specific files…from that…search an exploit.

i got native meterpreter, any hint on how to proceed?

@paciock said:
i got native meterpreter, any hint on how to proceed?

take a look on user’s directory ll find something interesting … :wink:

@Agent22 said:

@paciock said:
i got native meterpreter, any hint on how to proceed?

take a look on user’s directory ll find something interesting … :wink:

i found something but i think is not working or i am using 'em in the wrong place

ok, i was wrong, the place was right :slight_smile:

better use nc than meterpreter

Any nudge on initial shell? I believe I found the vuln. just trying to call my shell. PM please?

what else can you do, can you look ‘inside’ the machine instead of focusing on getting a shell (assuming you’re not in any portal etc.)

The priv esc side is doing my head in… It was all making sense till I hit a brick wall…

@paciock Any nudges using those credentials? I feel like I’ve used them everywhere possible without success.

@mrpotato said:
@paciock Any nudges using those credentials? I feel like I’ve used them everywhere possible without success.

sent pm

finally…

Finished this with lot of blood shed. @A113n
Blood Blood Blood. Lot of Blood Shed !

Hi people. I have been hitting this machine with everything i can think of. I have found which ports are opened and dirbusted them THOROUGHLY. I see that certain http-methods are allowed and i have tried to exploit them with no success. I have tried to bruteforce the to***t login as well with no success. I have also tried to exploit the “Private Browser”-form and have gotten access to /server-status, but nothing else.
Can anyone give me a nudge in the right direction? Any hint is appriciated.

I know user password for windows. But I dont know how to use it. Can you give me hint, please.

@b1zsv9 said:
I know user password for windows. But I dont know how to use it. Can you give me hint, please.

maybe Kotarak is not a window machine … u need to switch user with a password …

@MrWest3r said:
Hi people. I have been hitting this machine with everything i can think of. I have found which ports are opened and dirbusted them THOROUGHLY. I see that certain http-methods are allowed and i have tried to exploit them with no success. I have tried to bruteforce the to***t login as well with no success. I have also tried to exploit the “Private Browser”-form and have gotten access to /server-status, but nothing else.
Can anyone give me a nudge in the right direction? Any hint is appriciated.

If you’ve seen the status, you have the answer.

Del

Can anyone PM a hint on priv esc to root?