Tip for User:
When you think you need to go over something, look for ways around it instead of confronting it head on.
Tip for User:
You missed it, linpeas again
You can find in with linpeas
You don’t need any creds for that subdomain
gobuster failed also here, use wfuff and you will find it
The foothold via the m**ro is working? I don’t know where is my error. I already reset the machine 4 times and regenerated my vpn
The right path to a foothold is in the mail
Yes I know. Now it’s working. I was creating the m**ro in the wrong place.
Then you made the same mistake as I did
This box was fun. Especially the final escalation.
I can fetch files from my local http server via the subdomain. However I am stuck on how to use this to access the filtered port and do my attack Any help/hint will be appreciated …
Can someone PM me? need help on bypassing subdomain creds
Hey! Any hint of which subdomain list should I use? Did not find anything yet…
Any list will work. Common one? Above nudges are sufficient, try wfuzz-ing.
Would be great if someone could nudge me a bit with the foothold. I can get the payload where I want to (at least I think so), but I just can’t get it to fire… Mostly I’m also interested if there is a poc/something similar or if you crafted the payload from scratch
Feel free to DM.
After much effort, I rooted this one, many new topics for me. I need to stop looking at the difficulty ratings on these machines or something because there were two pieces that I completely overlooked because I didn’t think they would be present on a hard rated machine. Need to find a way to figure out if there is an insane machine so I can avoid for now, otherwise, I should disregard level:)Can’t express enough gratitude to Onisec, Lim8en1 and pandas08s for the time they give for feedback.
Happy to help in DM if needed.
I’m So stuck getting foothold/Shell
please any help will be great DM
You can DM me
Yeah, I´ve tried with every tool but no subdomain found… Don´t know what is going on