Sure, it’d be helpful to know what exactly you tried doing, if you feel like it could be too much of a spoiler just send me a dm. Nevertheless, what is most important is towards the end of the blogpost about the Wekrzeug pin generation, do not bother recreating a virtual environment
Did anyone have ssh issue connectivity? Because I was able to find creds for initial foothold but the thing is that I am receiving timeout when trying to connect via ssh
It was hard for me, but i pwned c: and yeah, the answer is not only in the knowed payloads, you need investigate a little bit more and do
- i see a file, when you see a file in a url or post param, is something than you can do
- what was that error? you must investigate about it
- what is that? that file are not usually in the linux machines, CVEs
- yeah, you have a route and a payload, but it needs to be exactly like that? maybe you need to enumerate what else files do you have
i’m open to recive DMs but maybe take me a while answer
someone said that the IDOR has been fixed. so there’s no IDOR anymore.
ill try, thanks for this. i be coming back if i have rooted this machine.
Really? So only way in is the password on the debugs?
Since when though.
i think we have to crack the werkzeug debugger to get the console pin? i dont really know the exactly it is, im still trying lol
i managed to do it, DM if u are having troubble
FINALLY!! I Finally pawned it in 3 long days!! Shout out if you need some help