for the life of me i cannot figure out how to get past “Sorry, but you need to provide a client certificate to continue.” I have followed various guides … any hints will be greatly appreciated
Type your comment> @kilo5150 said:
for the life of me i cannot figure out how to get past “Sorry, but you need to provide a client certificate to continue.” I have followed various guides … any hints will be greatly appreciated
try to look through old door keyhole. pm for more.
Rooted
Hints
User: I think there are two ways to get user shell. I used the certificate/https route. Copy/paste and your local host are your friends here.
Root: Don’t need to enumerate too much. Once you see what’s going on, you’ll think you have it. If you don’t get the shell after making the necessary mods, check how some common commands run in this environment. They might not be what you’re used to…
is it me or everyone got 443 port always down
hi! im in front of $t**** variable using p** sl v0.9.9 but i have no idea how to extract something useful, i don’t know how to execute anything, using the command "sh" i can see the code of that variable but i’ve googled all night long but nothing;
i don’t want any hint, just some good guy who can tell me where to study to comprend this ABOMINATION.
When I am trying to import personal certificate in firefox I am getting the following error- “This personal certificate can’t be installed because you do not own the corresponding private key”. Why am I facing this problem? Any help will be appreciated.
Type your comment> @Master123 said:
When I am trying to import personal certificate in firefox I am getting the following error- “This personal certificate can’t be installed because you do not own the corresponding private key”. Why am I facing this problem? Any help will be appreciated.
did you generate correctly the client c** with the correct priv8 key ?
Please stop killing https server
Rooted. I learned so many things.
I will try to help anybody , just drop me PM.
Rooted &&
Rooted but there is a certain issue with a certain bug on port 4** that causes it to stop working when trying to exploit it. With a little help I got around that but I’m still curious to know what the problem is, if anyone could shed some light on that in PM (or even just discuss the problem) that would be great.
Rooted, this was a fun box but very slow and unstable (at least in the public server). As for hints almost everything that could be said was already mentioned in this forum. PM for more hints if you are stuck.
Rooted. That was a really fun box. I need much time on user part. Thanks to @sazouki for his help in the user part.
PM me if you need any hints
Hi guys,
Some hint to start ??
i was playing with the QR and G-Auth but i don’t found anything !
Can anyone help me with the box via PM? Now stuck at certificate part:(
Type your comment> @EthicalHCOP said:
Hi guys,
Some hint to start ??
i was playing with the QR and G-Auth but i don’t found anything !
check the ports again, maybe you can find an exploit for that online?(not metasploit)
so i have some kind of access through both https and the good old door, managed to add myself to a user’s auth file and have a slightly more stable shell than the good old door, but its still the same thing. pulled another users key via https but i cant seem to get passed this point. i know for a fact my key has the right permissions but it still asks me for a password when i use it. for the good old door and my exact equivalent via the user, i’ve tried various common techniques to break out. i can get a connection back to my box but cant use certain methods of executing binaries.
any tips?
Finally rooted!
Nice box, learnt a lot on SSL client server certificate mechanisms.
My two cents are the following.
Initial foothold
Opened services are there for something… so focus on what you can grab from each service and find an old open door.
User
Once you find the old door, you are invited to play with OpenSSL…so give it a try. Once you managed to correctly authenticate yourself…basic hacking and user is yours.
Root
Just tell the machine to do what you would like her to do.
Cheers!