Netmon

got the user easily.

However, I am having difficulty of getting root.
I found that username and paintext password from file named ‘P*** ************.o.**k’ for accessing the portal. However, the password seems incorrect even if I reset the machine.
Could you please provide some help. Thank you so much!

from my point of view it was a realistic cve, but what i didnt understand is why the same command didnt work a second time. i got root without a shell or login. The i wanted to try the other possibilities to get root, but nothing worked so i checked the command that i did before and it doesn’t worked too.

Got user & root.

PM if you need help.

Nice box, always good learn about services of this kind. Thank you @mrb3n

@tw1zr cheers man :slight_smile:
@Sekisback its fully possible to get a shell via the app… but if you follow the poc for the cve out there for it you can do it another way which is pretty cool. go back to your nmap and have a look what you see there. you’ll be able to exploit it after exploiting the webapp. hope this makes sense mate.

If people could not try brute forcing the box that’d be awesome. There’s already a ticket in the dashboard that was auto-generated & is about slowing down login attempts due to over 100 failed login attempts, and that was generated 10ish minutes after a reset…

@MALVO, thx i was able to get a revshell, but that was not the point. the point was that it is a thing of luck if the script will be executed or when. This morning I had no luck with the same commando from yesterday. After 15minutes and a coffee the same command work like expected, a third try and it does not work again.

Type your comment> @mocastle said:

got the user easily.

However, I am having difficulty of getting root.
I found that username and paintext password from file named ‘P*** ************.o.**k’ for accessing the portal. However, the password seems incorrect even if I reset the machine.
Could you please provide some help. Thank you so much!

It has been said about 100 hundred times throughout this forum post.
Think like a user and, what year is it?

I can’t seem to get this CVE for P**G correct. It runs through the script but nothing seems to happen. Do the XXXXXX in the GA1.4 need to be changed as well? Could someone PM me? Thank you.

can Anyone please help for Prtg login Creds been like 4 hours Pm me Hints :frowning:

Type your comment> @Lajamerr said:

I can’t seem to get this CVE for P**G correct. It runs through the script but nothing seems to happen. Do the XXXXXX in the GA1.4 need to be changed as well? Could someone PM me? Thank you.

Look comment from “mocastle”, that the answer.

Please, don’t change de passsword.

can’t even try to exploit the vuln, server is crashing every 20 seconds… so frustrating

I’m trying to get RCE through the P** file on host. I can get some PS code to run but not the code i want. I tried copying where I assume the root.txt is to a place i know I can see. I keep getting a blank file though. Any hints? PM please?

Anyone experiencing bad connection with the server? cannot even get the root if the server keep crashing…

Type your comment> @daniel2005d said:

Type your comment> @Lajamerr said:

I can’t seem to get this CVE for P**G correct. It runs through the script but nothing seems to happen. Do the XXXXXX in the GA1.4 need to be changed as well? Could someone PM me? Thank you.

Look comment from “mocastle”, that the answer.

I’m already past the stage of getting the credentials for PG N**** M******.

Right now I’m trying out a CVE for it that requires authenticated privileges but the script doesn’t seem to do anything.

Type your comment> @Lajamerr said:

Type your comment> @daniel2005d said:

Type your comment> @Lajamerr said:

I can’t seem to get this CVE for P**G correct. It runs through the script but nothing seems to happen. Do the XXXXXX in the GA1.4 need to be changed as well? Could someone PM me? Thank you.

Look comment from “mocastle”, that the answer.

I’m already past the stage of getting the credentials for PG N**** M******.

Right now I’m trying out a CVE for it that requires authenticated privileges but the script doesn’t seem to do anything.

is it the one that require cookies?

Type your comment> @Jacker31 said:

is it the one that require cookies?

Yes it does. I added my cookie. Do you know if it requires editing the xxxxx.xxxx portion as well or can it stay like that?

Type your comment> @Lajamerr said:

Type your comment> @Jacker31 said:

is it the one that require cookies?

Yes it does. I added my cookie. Do you know if it requires editing the xxxxx.xxxx portion as well or can it stay like that?

from my understanding on the instruction, it is basically copy and paste the whole cookie and its value. this code is used to add new account in the web portal if i am not wrong…

Type your comment> @006c21 said:

Just rooted… can help someone with right path… just PM me :slight_smile:

please give me hint

I found the con********.o**.b*k the credentials but when i try to log in in the home page , it says: Login error .

I reseted the machine and tried again but its still doesnt work… somebody can help me?