Rooted, odd, need to see how others got user then root. As I went right to root, and just grabbed user while I was there. Root FTW!
@PanamaEd117 said:
Rooted, odd, need to see how others got user then root. As I went right to root, and just grabbed user while I was there. Root FTW!
Same here, I was a bit confused!
Type your comment> @faneQ123 said:
Type your comment> @jordan1986 said:
need some hints on luke…i got the user list but where to find the password
Use those users in the same way you found them
thx bro …able to find the password …it was easy …but is it base64???
I had fun getting to the end, but I DID NOT expect to find both flags at once on a 30pt box. I thought I was in for more pwnage.
Could someone please tell me why Post request to 3000 returns forbidden even after sending proper credentials from conf using curl?
Type your comment> @d3kum1d0r1y4 said:
Could someone please tell me why Post request to 3000 returns forbidden even after sending proper credentials from conf using curl?
Maybe you need to add a little thing after 3000 in the url
Type your comment> @faneQ123 said:
Type your comment> @d3kum1d0r1y4 said:
Could someone please tell me why Post request to 3000 returns forbidden even after sending proper credentials from conf using curl?
Maybe you need to add a little think after 3000 in the url
Yeah i did that and use the creds from conf
can i pm u?
I have login pages. but I couldn’t find the credentials. Can someone give a hint ?
@n4oumin3 said:
I have login pages. but I couldn’t find the credentials. Can someone give a hint ?
i’ve found the token on port 3*** , If-None-Match:*** but i don’t know how can i use this token?
@d3kum1d0r1y4 said:
Could someone please tell me why Post request to 3000 returns forbidden even after sending proper credentials from conf using curl?
As someone stated earlier, the default administrator username depends on the service you’re using 
I can use as assist with curl syntax for port 3***
Hey folks. Newbie here looking for pointers and advice. Enumerated and found all the open ports, I think. Found the closed/filtered port Not sure how to proceed from here. Anyone willing to mentor a newbie?
Rooted!! Some surprises there, but the best thing anyone can tell you is to enumerate!! PM me if you need a nudge
Type your comment> @lpokmnj said:
Hey folks. Newbie here looking for pointers and advice. Enumerated and found all the open ports, I think. Found the closed/filtered port Not sure how to proceed from here. Anyone willing to mentor a newbie?
Pm me if you want some help
I have gotten both flags, but without a shell. I am interested if anyone managed to get a shell on the machine and how they did it 
Whenever I try to send a POST request, it gives me a “Cannot POST” error. What am I doing wrong?
(EDIT: nvm I got it)
Hi! I got access to Aj*** webapp but no dashboard is shown, even if I reload with F5. I just see the menu with the home icon and the bottom bar with links, is there somenthing I’m missing?
EDIT: Fixed after resetting the box
I’ve found the “W****** a****!” message but now at a loss. I’ve tried all possible login boxes including Aj**** on the high port, M******** & L*****.php but not working. I feel like I’m missing something obvious. Can anyone give me a nudge as feel I’m so nearly there!
Edit: Rooted! My first non-retired box.
Type your comment> @faneQ123 said:
Type your comment> @jordan1986 said:
need some hints on luke..i got the user list but where to find the passwordUse those users in the same way you found them
found username and passwd and found some login pages mangement ajinti …how to