I was able to read root.txt but my reverse powershell kept dying. Anyone else had this problem?
I think I found the vulnerability for root. If it is the a**us** one then I am not able to proceed with how to exploit it. Any hints is greatly appreciated.
I’m at the last hurdle, but none of my “notifys” seem to be working as expected. Am I on the right track or is this a rabbit hole?
got root.txt after a lot of guess and check. the log page is your friend
Type your comment> @cbx said:
Where are you guys findind the creds?
I looked everywhere, downloaded some .dat and .old from ft* found nothing…
read more carefully
man I gave up rooting netmon there is a reset every f* 30 seconds
and constant dos attacks and password changes on the box, can’t even work on it, swear I’ve cancelled resets about 150 times in the last hour.
going back to an insane box, let the skids have their fun ■■■■
The box creator, should make it so the default login creds can’t be changed, would save a lot of hassle. and make it easier for people to actually test things out.
Something I need to clear about this box:
1] PRTG doesn't work with default creds of PRTG as found after googlefu
2] Creds for PRTG login are present inside the box you have to enum and find that
3] Even though you found creds it'll not work untill you make obvious changes in cred
4] Site take time to get logged in even if you entered right cred (happened with me) So I used Incognito mode to try it & it worked
Hi Guys,
I am stuck with initial rce, I have tried exploiting the vul and adding a file so that I can check with f*p. but I am not able to, can anyone please give me some hints…
Cheers
Hey, folks,
Someone might give me a hint as to where I should go for root.
Thank you
Please reset the box since someone obviously displaying root.txt & user.txt !!
Got root.txt without getting a shell on the system, not sure if its the correct way or not but it worked
Do I have the credentials to access the web any root tip?
Type your comment> @geekpentesting said:
Please reset the box since someone obviously displaying root.txt & user.txt !!
The user responsible has been warned, and has said they would stop. If it happens again, Thor will visit.
Type your comment> @Farbs said:
Rooted! Big thanks to @ippsec and @robeerto for nudging me towards completion!
I have access to the site, some tip for root?
Unable to gain access to the site… could I get a hint on what to do with these creds?
Trying to figure out how to decrypt them is a pain. Not sure what method is being used. I am almost positive I know how to exploit to get root, but gaining access to the site is proving very difficult.
Rooted. Made a lot of stupid mistakes that I’m kicking myself for not doing during the enumeration stage. But it’s a learning experience regardless. Thanks for this box! Good experience with PRTG since I know so many people use it but I’ve never even touched it.
lol realy??!!
I had the code in my hands all the time … and still I continued to list services and using various tools … thanks
Can AnyOne Give Me Hint For THheRoot
Rooted … fun box, made more so as I use it at work