Official Doctor Discussion

Official discussion thread for Doctor. Please do not post any spoilers or big hints.

80% sure I know what the service is going to be

Rock the show.

Anything

Yea but I can’t access it…

Anyone got past the login portal yet?

Hmmm

RCE. I hav got but no creds

Type your comment> @cmoon said:

Anyone got past the login portal yet?

Which one?

30+ minutes of scanning and no single port open.

Spoiler Removed

Why we can’t access that thing on that port?

GG to 2 First blood

Type your comment> @LeChatP said:

GG to 2 First blood

■■■■ it

Some hint to get a foothold ?

I can’t figure out these creds… Is it gonna require X** injection?

A hint would be appreciated

Type your comment> @LMAY75 said:

I can’t figure out these creds… Is it gonna require X** injection?

A hint would be appreciated

I don’t think X** will do…
It requires a client right ?

Type your comment> @Karthik0x00 said:

Why we can’t access that thing on that port?

I’m wondering why too !

I found the default creds but as mentioned on various sources, they won’t work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.

Then what is left is to find some other user and their password, or try to get something back from that communication channel.

Any hints or nudges appreciated.

Type your comment> @tang0 said:

I found the default creds but as mentioned on various sources, they won’t work remotely. And the response implies that the default password has not been changed. So that might help in priv esc later on. That also rules out brute force which sometimes works on easy boxes.

Then what is left is to find some other user and their password, or try to get something back from that communication channel.

Any hints or nudges appreciated.

where u found ?