NIbbles

@LHM said:
I am just not able to utilize monitor.sh. tried to display the imp contents but it says permission denied. Also keep on getting error
: unable to resolve host Nibbles: Connection timed out
: no tty present and no askpass program specified

Any pointers?

I rooted this machine yesterday.
Read about tty and how you can spawn one when needed. It is also good to know, why is needed.
Regarding monitor.sh - do you really need to display it? Is its original content really important?

I keep getting ‘This exploit may require manual cleanup of ‘image.php’ on the target’ when i try the nibbleblog exploit. Already tried resetting it, did not help.
Any idea what else i can do

I just managed to get root.txt but I am not sure that was the intended way of getting it. I dont want to post it here and spoil it for others can I pm somebody just to clarify.

@Ju577Ry said:
i’am stuck here guys . i need help .

[] Started reverse TCP handler on (my IP):4444
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[
] Exploit completed, but no session was created.
#msf exploit(nibbleblog_file_upload) >

Hi @Ju577Ry,

I’m stuck there. Any hint how you fix the problem?

Thanks! :slight_smile:

Can anyone help? I am appending a command to a script and get the error below. Someone stated that the script still runs but I do not see my root.txt.

unable to resolve host Nibbles: Connection timed out
no tty present and no askpass program specified

Hello, i believe i am pretty close on gettin root. helped by the hints around.
May i PM anyone to discuss a bit my idea of obtaining root.txt?

I got reverse shell access but none of the linux command works except for cd and ls. it always give me the ‘unknown command’ error. Should I reset the machine or this is expected?

I am able to login into the admin panel but not able to proceed ahead.Tried to upload a php script to verify for command injection,but looks like i am not able to upload it correctly.It is being uploaded as xml and not php.Any hints?

@minhhungvn said:
I got reverse shell access but none of the linux command works except for cd and ls. it always give me the ‘unknown command’ error. Should I reset the machine or this is expected?

I would attempt a reset. I did not experience the same issue that you are seeing.

Spoiler Removed - Arrexel

Got the shell :slight_smile:

anyone is around for a quick private conversation?

Please, Help me:

[!] This exploit may require manual cleanup of ‘image.php’ on the target

I have made a reset on the nibbles machine.
I do not know what to do, I hope they help me.

@minhhungvn said:
anyone is around for a quick private conversation?

Tell me.

@Xim said:

@Ju577Ry said:
i’am stuck here guys . i need help .

[] Started reverse TCP handler on (my IP):4444
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[
] Exploit completed, but no session was created.
#msf exploit(nibbleblog_file_upload) >

Hi @Ju577Ry,

I’m stuck there. Any hint how you fix the problem?

Thanks! :slight_smile:

PM me , i will try to help u

@Ju577Ry said:

@Xim said:

@Ju577Ry said:
i’am stuck here guys . i need help .

[] Started reverse TCP handler on (my IP):4444
[!] This exploit may require manual cleanup of ‘image.php’ on the target
[
] Exploit completed, but no session was created.
#msf exploit(nibbleblog_file_upload) >

Hi @Ju577Ry,

I’m stuck there. Any hint how you fix the problem?

Thanks! :slight_smile:

PM me , i will try to help u

Thanks @Ju577Ry, It just worked after 15 attempts. :slight_smile:

@EdTato said:
Please, Help me:

[!] This exploit may require manual cleanup of ‘image.php’ on the target

I have made a reset on the nibbles machine.
I do not know what to do, I hope they help me.

Have same problem. Anyone available for help ?

its the monitor screen right?

@B1ackF1ag said:
its the monitor screen right?

@jc1396 said:
No matter which shell I try, I keep getting “This exploit may require manual cleanup of ‘image.php’ on the target”. Am I missing something here?

RESET

NEED HELP WITH ROOTING. got something with sudo -l