Spoiler Removed
Spoiler Removed
Enum
- two virtualhosts found.
- one search engine, found developer at codepen.io
- one login page with nothing so far (probably nothing)
- some PHP page with nothing useful so far
now stuck…
Spoiler Removed
Just realize “DAD” is NOT “DOD”, DOD means “Department of Defense”
I’m at the point where I’ll need some time to write the extraction script, but no guessing was involved so far, just had to enumerate carefully.
edit: got user so far awesome box, now onto root…
They just started farming, what do we suppose to do? start planting? I can see only two information can be extracted as of now.
user.txt ok
So far I found a search engine, an a*******.php page and an orange login screen. I can’t think of anything even with the hints in this threads…
Would anyone be so kind as to shoot me a small nudge?
enum /ve…/co…ser check default file names
yo im stuck in the rabbithole any tips
Unable to go further than a search engine and an axxxxxtx.php page, please someone help me with a nudge? TIA
Type your comment> @n4v1n said:
Unable to go further than a search engine and an axxxxxtx.php page, please someone help me with a nudge? TIA
same boat =) would appreciate a nudge
edit: found it! thanks to @dontknow
Type your comment> @n4v1n said:
Unable to go further than a search engine and an axxxxxtx.php page, please someone help me with a nudge? TIA
What else could you check about a https page that might hold some information? Something you’re supposed to check anyway if you get invalid ********* error anyway
This was a really fun box and a great learning experience. Kudos to @MrR3boot.
Obligatory hints.
User: very thorough enumeration is the key, knowing a bit of CS theory (and applying it in terms of code) really helps cutting down the time needed.
Root: I said “very thorough enumeration” for a reason.
Can someone help me on this box please?