Official Cerberus Discussion

system · March 18, 2023, 3:00pm

Official discussion thread for Cerberus. Please do not post any spoilers or big hints.

JK1706 · March 19, 2023, 2:19am

There are no available machines currently.

UtopiousSpoon · March 19, 2023, 6:14am

I cant access the server via port 8080. My openvpn gives me:

Authenticate/Decrypt packet error: packet HMAC authentication failed

Any help?

KyserClark · March 19, 2023, 6:16am

after you get the machine up and running. browse to: [IP-ADDRESS]:8080

This will redirect you but you will get an error. Note the redirection location in your browser, and add the URL to your /etc/hosts file.

UtopiousSpoon · March 19, 2023, 6:27am

Thanks. I did that already. I actually saw the redirect through my nmap scan. I still can’t get to the server. I think there’s an issue with my openvpn?

KyserClark · March 19, 2023, 6:31am

maybe… it should work as long as you have the correct host in /etc/hosts.

It does seem broken for you. Did you try redownloading the openvpn? Switching servers? Resetting machine?

UtopiousSpoon · March 19, 2023, 6:32am

Ah man, I’m so tired this morning. I’m using a VM for my hacking but forgot that I was running a vpn on my main machine. That vpn was interfering. SMACKS FOREHEAD

Thank you for your responses!

m4rsh3ll · March 19, 2023, 10:20am

There are no available machines currently.

PinkIsntWell · March 19, 2023, 7:40pm

OK, so getting root on the machine was as the machine difficulty level suggests… hard.
But I still have no flags to show for it.

Scanning ports on the host shows two open ports. One is really interesting (wrm). But I can’t see how to even try to connect to it. Let alone credentials…

Any hints from the top notch players?

mrsBlue · March 19, 2023, 7:50pm

Did u use firejail vuln , im stuck there.
now im having problem connecting to the machine even when I ping it it reply by destination unreachable. any tips how to fix it

PinkIsntWell · March 19, 2023, 8:36pm

Yes, used firejail to priv esc inside… didn’t encounter an issue with reconnecting though. Going to try to port forward for wrm

EDIT:
I’m in. And I suck at privesc on a windows machine… Any help is appreciated.

evilByt3 · March 19, 2023, 11:00pm

Same here, maybe it has something to do with the ADSelfService?

KyserClark · March 19, 2023, 11:55pm

I’m in the same boat. Got user flag and I’m not seeing a way to privesc. Any help would be much appreciated.

Jutin · March 20, 2023, 12:24am

Need help getting my php reverse shell to execute… module is enabled but i have no idea how to get it to pop… any advice? feel free to dm

(all set! thanks to those who helped <3)

no0pr · March 20, 2023, 12:56am

Will pm

MagicL · March 20, 2023, 9:14am

Any one can dm me and give me some ideas regarding on the initial foothold? i had successufully authenticate into the web applcation, and roughly understand the upcoming weakness

hEmS · March 20, 2023, 10:03am

Anyone can help me in PE? How can I go out side to linux container ?

hEmS · March 20, 2023, 10:04am

upload ssh key

Luclis · March 20, 2023, 12:06pm

Hi hEmS ; I’m almost at the same step than @MagicL, can you I DM you to figure what I’ve done wrong ?

claretIvy · March 20, 2023, 12:47pm

Can someone please help me about the payload to trigger the php rce? Pleasee im losing my mind