Official Intense Discussion


Can someone give me a nudge on the foothold of this machine? So far, I have found that a port 161 is closed but maybe we can access it and also admin directory is forbidden so no idea how to access that. It would be great if someone can assist me.

Also, i am working on the message submit part and the port 161 part

Is the message a rabbithole? I can make valid requests but cant extract data since i havent found a way to delay time. Also tried to bypass the filter with fuzzing the bad words with every unicode char.

@testmeister Not sure, that is where I’m stuck now, the problem is that any valid query just returns a 200 OK.

Hi I would like a nudge, I found the S*** on S***** M******.
all my attempts that are syntatically correct render OK.
I tried the usual, any help would be appreciated!
I tried to do a S**I as well on that same page, no result {{ crying :slight_smile: }}

Does anyone know what we can do with this?


nikto scan produced this for me

An early form of the chunked transfer encoding was proposed in 1994.[1] Chunked transfer encoding is not supported in HTTP/2, which provides its own mechanisms for data streaming. has anyone messed with this format?

Working on root. Dissatisfied by my current lack of a shell. Anyone willing to do a sanity check for my current thought process? Thanks.

Type your comment> @sparkla said:

Type your comment> @JMFL said:

Does anyone know what we can do with this?


Were does this actually come from? One of the first things someone sent me without any explanation.

+1 you cant use something you dont know how it work or from where is come from

OSVDB-3126: /submit?setoption=q&option=allowed_ips&value= MLdonkey 2.x allows administrative interface access to be access from any IP. This is typically only found on port 4080.

false positive

oooofffff i got something

So, I can read user flag but can’t get a proper shell. I Appreciate any hints on that

can anyone pm a hint me? im stuck at the R*E part

Type your comment> @justAhmed said:

So, I can read user flag but can’t get a proper shell. I Appreciate any hints on that

Same Here


I think i’ve found the vuln in the source code for the foothold but can’t exploit it with success, can someone give me a nudge please ?

Anyone else had a problem with the self generated c*** and solved it? I tried it local the c*** is valid but the data is not correct, it should be adminaccount:adminhash but instead it is otheruser:adminhash

edit: Never mind, the solution was kind of easy.