Official Cerberus Discussion

Official discussion thread for Cerberus. Please do not post any spoilers or big hints.

There are no available machines currently.

I cant access the server via port 8080. My openvpn gives me:

Authenticate/Decrypt packet error: packet HMAC authentication failed

Any help?

after you get the machine up and running. browse to: [IP-ADDRESS]:8080

This will redirect you but you will get an error. Note the redirection location in your browser, and add the URL to your /etc/hosts file.

Thanks. I did that already. I actually saw the redirect through my nmap scan. I still can’t get to the server. I think there’s an issue with my openvpn?

maybe… it should work as long as you have the correct host in /etc/hosts.

It does seem broken for you. Did you try redownloading the openvpn? Switching servers? Resetting machine?

Ah man, I’m so tired this morning. I’m using a VM for my hacking but forgot that I was running a vpn on my main machine. That vpn was interfering. SMACKS FOREHEAD

Thank you for your responses!

There are no available machines currently.

OK, so getting root on the machine was as the machine difficulty level suggests… hard.
But I still have no flags to show for it.

Scanning ports on the host shows two open ports. One is really interesting (wrm). But I can’t see how to even try to connect to it. Let alone credentials…

Any hints from the top notch players?

Did u use firejail vuln , im stuck there.
now im having problem connecting to the machine even when I ping it it reply by destination unreachable. any tips how to fix it

Yes, used firejail to priv esc inside… didn’t encounter an issue with reconnecting though. Going to try to port forward for wrm

I’m in. And I suck at privesc on a windows machine… Any help is appreciated.

Same here, maybe it has something to do with the ADSelfService?

I’m in the same boat. Got user flag and I’m not seeing a way to privesc. Any help would be much appreciated.

Need help getting my php reverse shell to execute… module is enabled but i have no idea how to get it to pop… any advice? feel free to dm

(all set! thanks to those who helped <3)

1 Like

Will pm

Any one can dm me and give me some ideas regarding on the initial foothold? i had successufully authenticate into the web applcation, and roughly understand the upcoming weakness

Anyone can help me in PE? How can I go out side to linux container ?

upload ssh key

1 Like

Hi hEmS ; I’m almost at the same step than @MagicL, can you I DM you to figure what I’ve done wrong ?

Can someone please help me about the payload to trigger the php rce? Pleasee im losing my mind