I’m also stuck here. Nudge by DM would be appreciated.
understand better how the preview one works…
has somone said it create a tempory location to store what we send…
Perhaps it can helped : i’m still looking for…
Yeah, I noticed that too, and it looks like the file is intact in that location, but I can’t seem to actually do anything with it lol
also i have noticed it clear the logs after get (it)… it same like we can get it once then it clears ( it same like we can not : retrieved it twice )…
stuck with foothold and hint/help please?
I don’t see any java script file
able to ping back from Cover URL section but shell isn’t executing, am i missing something or need more enumeration
1 Like
some of us don’t even have interaction… :\
I’m also able to ping back the request but unable to execute the shell
any hints on where to start?
dm me any hints
try to ping via tun0
i’m trying to ping 10.10.x.x and doring sudo tcpdump -i tun0 icmp but nothing shows. if doing http://10.10.x.x i get a hit. dm me please
Ant hints on the type of vulnerability to look at . so far I can only get it to download a payload I host but no idea how to exploit that since it does not “render” the payload.
me to
any hints for foothold?
1 Like
finally. I spend too much time making the correct payload for privesc.
please give hint for foothold
I would advice to re-think as we tend to rush towards obtaining a reverse shell back for foothold. Do not get stuck on the same.
Consider the issues introduced by functions which can load a URL from external source. How would an attacker think about such cases?
DM for a nudge.
Edit: Root is easier than User.
2 Likes
Finally pwned the box. Thanks for all the hints/help above.
If any help required dm me… @piyush comment is very helpful
1 Like