My current issue is that I get this message in msf and it doesn’t create a session suggesfully.
Started reverse TCP handler on CENSORED
[+] Logged in as: f***** (I censored this as well)
Retrieving UUID…
Uploading UQygUigAYU.png…
Uploading .htaccess…
Executing UQygUigAYU.png…
[!] This exploit may require manual cleanup of ‘.htaccess’ on the target
Exploit completed, but no session was created.
What are the recommendations for facing this situations and figuring out which part of the msfconsole is wrong? Thx a lot
My current issue is that I get this message in msf and it doesn’t create a session suggesfully.
Started reverse TCP handler on CENSORED
[+] Logged in as: f***** (I censored this as well)
Retrieving UUID…
Uploading UQygUigAYU.png…
Uploading .htaccess…
Executing UQygUigAYU.png…
[!] This exploit may require manual cleanup of ‘.htaccess’ on the target
Exploit completed, but no session was created.
What are the recommendations for facing this situations and figuring out which part of the msfconsole is wrong? Thx a lot
My current issue is that I get this message in msf and it doesn’t create a session suggesfully.
Started reverse TCP handler on CENSORED
[+] Logged in as: f***** (I censored this as well)
Retrieving UUID…
Uploading UQygUigAYU.png…
Uploading .htaccess…
Executing UQygUigAYU.png…
[!] This exploit may require manual cleanup of ‘.htaccess’ on the target
Exploit completed, but no session was created.
What are the recommendations for facing this situations and figuring out which part of the msfconsole is wrong? Thx a lot
Check your LHOST settings. Try changing to tun0
ok, Thank so much for your suggestions. However, I face another problem that the value of the CSRF token was out of range (you may see the link of the print screen link below) while I try to use the .py to exploit the blunder machine. Spoiler Removed
What should do to solve this bug?Thx first
I’d remove the pic Big Spoiler. Also appears that you have the password spelled wrong.
My current issue is that I get this message in msf and it doesn’t create a session suggesfully.
Started reverse TCP handler on CENSORED
[+] Logged in as: f***** (I censored this as well)
Retrieving UUID…
Uploading UQygUigAYU.png…
Uploading .htaccess…
Executing UQygUigAYU.png…
[!] This exploit may require manual cleanup of ‘.htaccess’ on the target
Exploit completed, but no session was created.
What are the recommendations for facing this situations and figuring out which part of the msfconsole is wrong? Thx a lot
Check your LHOST settings. Try changing to tun0
ok, Thank so much for your suggestions. However, I face another problem that the value of the CSRF token was out of range (you may see the link of the print screen link below) while I try to use the .py to exploit the blunder machine. Spoiler Removed
What should do to solve this bug?Thx first
I’d remove the pic Big Spoiler. Also appears that you have the password spelled wrong.
My current issue is that I get this message in msf and it doesn’t create a session suggesfully.
Started reverse TCP handler on CENSORED
[+] Logged in as: f***** (I censored this as well)
Retrieving UUID…
Uploading UQygUigAYU.png…
Uploading .htaccess…
Executing UQygUigAYU.png…
[!] This exploit may require manual cleanup of ‘.htaccess’ on the target
Exploit completed, but no session was created.
What are the recommendations for facing this situations and figuring out which part of the msfconsole is wrong? Thx a lot
Just got the pw for the user in the t*.t file…
It was really frustrating because I already tried that but it didn’t work the first time because of IP block.
You do not have to bruteforce anything for this particular password, just read the blog entries, check where they are from and you will notice something.
Ok im losing my mind trying to get my non-interactive shell to upgrade. I use the python one liner and my shell just hangs then I cant see any output. Ive been doing this for hours I need a bone I have the credentials I need for the user flag. I just need to switch users and i cant without a fully interactive shell.
m********t “shell” command gets stuck. any suggestion?
Can only guess as to reason - lots of things could have caused it. Does it happen every time you try? Does it work before you drop into a shell? Is the payload correct etc.
At the moment you’d need to troubleshoot it - there isn’t a simple answer.
The foothold for this box was just kinda stupid. Maybe its just me and my general distaste for CTFy machines but after I got the initial foothold I was pretty disappointed. the “first part” is fine. However the way to get the "second part " for the initial exploit seemed more of a way to slow down the progress of rooting the box rather than trying to give an example of or teach anyone a concept. Maybe I’m being too harsh about it but It just seemed kinda uninspired on the creators part.
That all being said I actually did like this box after the foothold, user gave you a potential dead end and made you look somewhere else, which I personally like to see. Root took me 2 minutes, but its an easy box so I have no complaints. If it were not for the foothold.
this box would be great for someone who was just learning, because of the general enum concepts.
tl;dr
foothold bad, rest of box good
there are plenty of hints on the forum, but if you need additional help, send me a pm with what you tried so far and I will do my best to help.
i think the initial foothold was quite good. there is a section of the OSCP that teaches you those exact steps and i enjoyed that it was finally in a HTB machine to do the same.
the next user part took me the longest to find but once i found it the rest was easy.
Hi there !
I think i need some help, i have access to both user and root files, but when i submit the flags (clicking on own user / root) it says it isn’t correct… Is it possible somebody changed it ? Is it a way to ask admins ? I can’t reset anymore today…
[edit]Problem solved, thanks to @TazWake i figured it out and waited for another reboot… [/edit]
