hello look at the documentation of the software and try too see where is the config file, when you’re in the box try to see this file
1 Like
yes like I said look at the software config, as www-data it’s all you can play with so search software config file on google, you’ll find something interesting
1 Like
Stuck here at vhost enumeration.
Looks like none of the Wordlists are working
it would be great if you can nudge a bit in right direction
found the subdomain, and was able to login with generic cred, but have no privilges. Is this the right approach or am i getting off track?
1 Like
it’s the right approach now look at the software you logged in and try to find something interesting about it on the web
1 Like
when you try to enumerate vhost with gobuster you have to add the flag “–append-domain”, like “gobuster vhost -u http://somewebsite/ -w /usr/share/seclists/Discovery/DNS/yourwordlist.txt --apend-domain” and normally it will find the good subdomains
4 Likes
Thanks for the advice from everyone; I have pwned the machine.
2 Likes
i got a shell on it using a cve, but theres not much to see
I PM you to discuss about the “not much”
thanks, found it.
1 Like
That user has access to web folder, maybe now you can read interesting files
1 Like
no problem good luck friend
Hello any tip regarding root
I need help on root. Searched /v**/*** completly clenased every corner for info to root, but cant find even the vector
Any help pls?
Thanks a lot bro you saved me
1 Like
Can’t find for the moment I’ll share when I pwn root, sorry man 
1 Like
Thanks a million @Kr4t0s4s , I finally found the password and was able to deduce where to use it (that part was easier than finding it 
)
1 Like
thanks to you bro, yes I learned to search for config file when i have a foothold ! that’s important to search for the structure of the application on the web and read documentation
Finally rooted the box.
1 Like
Thank you. I was beating my head so hard. sometimes you gotta take a step back and look at the forest for the trees.
3 Likes