Networked

M1sha · September 11, 2019, 11:22am

Hi all,

I’ve got my low level privileged user, identified the exploit in the script, however whenever it executes, my nc session dies as soon as the reverse connection is made. Would really appreciate a PM, I’ve tried mixing up my reverse shell script, but it always immediately dies.

Thanks.

UnknownUserOp · September 11, 2019, 12:53pm

Type your comment> @Lodovico said:

I’m a noob. I don’t see anyone else mention they are having difficulty port-scanning this box… I’ve run at least half a dozen different nmap scans, except a UDP scan of ALL ports(waiting on one). All scans have reported that all ports are filtered, this has remained across box resets… I’m always up for a challenge, but want to make sure this is meant to be happening?

EDIT: Oddly enough, I now AM able to scan the box, 24hrs later… and no ports are coming back as filtered… I couldn’t see any ports before, nor visit the site, but now it’s working. Very odd.

I had similar issues at the beginning. The reason you see filtered ports is because either your ovpn isn’t connected or something with your connection.

Shrektt · September 11, 2019, 4:49pm

Hey I was wondering if anyone was having issues with the u***** page. Every time I try it just loses connection when trying to u***** any type of p** or j** just for testing.

hackgineer · September 11, 2019, 8:31pm

well pigs are flying somewhere, I can finally see user.txt, I just can’t read it yet. closing in, back to work.

vider · September 12, 2019, 1:42am

I got user and root with help with @pumbahax and @NicksEmporium… thank you guys!

hints
user: is so simple and so stupid, but necesary… “;”
root: google it and try until to get the file…

I’m prepared to help. PM me.

timfirst · September 12, 2019, 10:27am

pwned!
user:
upload and call it through your browser.
root:
find place to inject simple command.

Feel free to PM, if you need some hints!

SpaceMoehre · September 12, 2019, 1:15pm

need some help, i now how to get into user but my shell instantaneously dies. is using the :two-letter-tool myip myport: enough?

cybrly · September 12, 2019, 2:11pm

Type your comment> @SpaceMoehre said:

need some help, i now how to get into user but my shell instantaneously dies. is using the :two-letter-tool myip myport: enough?

I had the same problem for hours… double check what you’re using after that PORT number… there’s an important difference between -e and -c on the command you want run after the connection is made.

rfalopes · September 12, 2019, 2:47pm

Type your comment> @fastbyte22 said:

okay so i just reset the box and the u****** dir now just says “.” even when i successfully uploaded my payload

You need to do this u******.p*p/file

pickelz · September 12, 2019, 6:49pm

Type your comment> @neusec said:

Type your comment> @SpaceMoehre said:

need some help, i now how to get into user but my shell instantaneously dies. is using the :two-letter-tool myip myport: enough?

I had the same problem for hours… double check what you’re using after that PORT number… there’s an important difference between -e and -c on the command you want run after the connection is made.

I get -c to work but can’t get -e to work for a full reverse shell without it dying. any more hints on the actual payload?

Kevin251 · September 12, 2019, 7:42pm

I’ve got problems with the img u**** . any hint?

djbrains · September 13, 2019, 7:59am

Type your comment> @0penm1nd said:

pwned!
user:
upload and call it through your browser.
root:
find place to inject simple command.

Feel free to PM, if you need some hints!

just a little one please

djbrains · September 13, 2019, 8:00am

@pickelz said:
Type your comment> @neusec said:

Type your comment> @SpaceMoehre said:

need some help, i now how to get into user but my shell instantaneously dies. is using the :two-letter-tool myip myport: enough?

I had the same problem for hours… double check what you’re using after that PORT number… there’s an important difference between -e and -c on the command you want run after the connection is made.

I get -c to work but can’t get -e to work for a full reverse shell without it dying. any more hints on the actual payload?

isn’t c enough? its working for me till now. still not root but i can work with -c

deltacmd · September 13, 2019, 11:38am

Stuck on root, any help would be appreciated

edit: got root

djbrains · September 13, 2019, 1:28pm

Type your comment> @deltacmd said:

Stuck on root, any help would be appreciated

edit: got root

tell me how

no, not really, but i appreciate a hint.

djbrains · September 13, 2019, 7:57pm

argh, its drving me nuts

ZeroFlagsGiven · September 13, 2019, 8:31pm

Type your comment> @djbrains said:

argh, its drving me nuts

Without trying to give too much away…
Look at the characters you can enter without stopping the script from progressing. Then take advice that’s already been said, try to fuzz the input, but not necessarily with many characters.
Let the script finish and pay attention to the error messages.
You will get different errors based on your input. Once you get that it should be pretty clear.

m1m · September 13, 2019, 11:03pm

Rooted. PM me with what you’ve done so far for hints.

djbrains · September 14, 2019, 6:19am

Type your comment> @DameDrewby said:

Type your comment> @djbrains said:

argh, its drving me nuts

Without trying to give too much away…
Look at the characters you can enter without stopping the script from progressing. Then take advice that’s already been said, try to fuzz the input, but not necessarily with many characters.
Let the script finish and pay attention to the error messages.
You will get different errors based on your input. Once you get that it should be pretty clear.

I’ve been ignoring the error’s

rholas · September 14, 2019, 6:02pm

I find first step, any hint where to find ?