rooted, thanks to @Raven37 for help
Okay, I got the token from the 3*** port, but I am stuck now, because after the "W****** A**** message I cant do anything here… Pls help
Have all the creds from 3*** - enumerated again. but don’t know where to use these. have 2 login portals 8*** and 8*.
Am I missing something on enumeration? Any hint would be nice 
Thanks in advance.
EDIT: Rooted. I think someone changed the password of the root user 
… But i had to enumerate once more to find the third l**** page. wasted a lot of time until someone reset the machine.
Learned a lot - good machine.
Can someone pls dm me abt the C*** syntax…I am stuck in that for ages.
Edited: C*** worked
But got only 4users, no pass
Tried this combo with the pass which I got from c*****.***, not working.
Am i missing something ?
Edited: Rooted finally 
Finnaly got it rooted. Thanks to everyone who was kind helping me. PM if you need some hints
frustratingly fun for this noob(me), but I finally got it. Learned plenty along the way, not to mention the extra emphasis on thorough enumeration. Thank you to all who provided hints in this thread and to the maker of the box. Also a big shout out to @coryshawty for helping me with some nudges, and @StalkerAlex as well.
on to the next one!
Hi everyone! I try to give you an advise:
User:
Enumerate all ports, try to get all information as possible. Get cred?
Try to figure out, how 3*** works. Here I get you a clue “A guide for adding JWT token-based authentication to your single page Node.js applications | by Naren Yellavula | Dev bits | Medium”
Find the way to enumerate that port. Get more creds?
One cred is useful for other port. Did you a right enumeration for all ports? prove it.
Here you will find more creds.
Now It is time for high port login
Root: it is pretty obvious
I hope I helped 
need some hints on luke…i got the user list but where to find the password
Type your comment> @jordan1986 said:
need some hints on luke…i got the user list but where to find the password
Use those users in the same way you found them
Stuck in Enumeration, used dirb, dirbuster, common txt. nothing. Any special settings am I missing?
Hi everyone, i’ve finally found the token on port 3***, but i can’t figure how to use it …
Could someone nudge me in the right direction ??
Edit: found the credentials using the postman software instead
Now stuck with credentials and 3login/auth pages but none of them are working ahahah kill me plz
Type your comment> @StukaTroll said:
Hi everyone, i’ve finally found the token on port 3***, but i can’t figure how to use it …
Could someone nudge me in the right direction ??
Edit: found the credentials using the postman software insteadNow stuck with credentials and 3login/auth pages but none of them are working ahahah kill me plz
Use those credentials the same way u got them
pm for help
Ok I have followed all the hints and I think my enumeration is done.
I have creds, I have places to use them and I have read some blogs to post… But nothing is working can somebody pm me and see why its not clicking please.
Got a bit further but still not getting passed to user. Please PM, I will let you know what info I have, and where I am stuck.
This one was fun Honed my enumeration skills a bit. Enumerate and use new data.
I successfully rooted the box but I cannot figure out the user. I tried the credentials in every places I could, which gave me the root access, but that’s it.
Any hint?
@Alhyoss said:
I successfully rooted the box but I cannot figure out the user. I tried the credentials in every places I could, which gave me the root access, but that’s it.
Any hint?
If you have a root you can access everything
@lkorba said:
If you have a root you can access everything
Yes of course but I thought there was a way to actually get the user and not just do it as root. I guess not! Thanks
Hi everyone, i’ve finally found the token on port 3***, but i can’t figure how to use it …any pm for help thanks