Official Interface Discussion

Any hints on this one? I am stuck on the same step.

Try resetting the box. The hard drive gets full of logs very quickly, and if this is the case you won’t be able to find your file on the box because it can’t save your file because there’s no room.

get root access with the help of @lim8en1

1 Like

I am stuck at running the shell, not sure what the problem is. Why always 404?

2 Likes

I’m guessing you are doing this from the PwnBox. I did at first too, and it always failed. Once I switched to my own Linux machine and OpenVPN, the attack worked and I was able to finish.

Hey! Could anyone give me a direction regarding the PE?

Unable to open page with exploit loaded, constant 404. Help!!!

Is it the intended way to do it?

Is the box broken? (Can’t get PHP file with hash: err 404)

Yeah, I got player flag… managed to find another little trick too… something to do with the pdf and clearcache. This was the most difficult one I’ve done, and I was so ■■■■ proud of myself. Sad I can’t finish it off. Maybe one day. lol

I think the box is broken, I keep getting 404 and no shell is sent to me.

For everyone who is having problems getting the exploit to work:

Reset the box!

The reason is that /tmp is full, so your payload can’t be saved.

Doesn’t work

Can somebody please help me on priv esc? I’m completely stuck. Thx

I’m a bit disappointed by the enum phase. I lost a lot of time testing different kinds of URL patterns and different HTTP methods, but the answer was my wordlist. I used a small one that works well on the other machines but not for this one… By replacing that wordlist with a medium one, I found the magical path that I needed.

Finally rooted. Lost my mind.

Which wordlist should we use in gobuster? The default wordlist that comes with Gobuster?

Feroxbuster does the enum for the domain, API and subdomain, but I can’t seem to get a shell. Trying harder though. Please, anyone should help me with the shell.

Hi, regarding the unintended (patched) root way, I just want to know if that was visible on something like pspy or whether you must search dates and stuff. Thanks