Official Line Discussion

htbapibot · August 20, 2021, 8:00pm

Official discussion thread for Line. Please do not post any spoilers or big hints.

trcm · October 8, 2021, 9:59am

I’m curious about this being marked as ‘easy’ ?!
I can’t seem to get beyond possibly identifying the printer queue name using an LPD script from P**T.

I’ve read through hacking-printers.net to no avail, any clues to what I’ve overlooked?

trcm · October 11, 2021, 5:00pm

Whelp, I was on the right line, the syntax was just very finicky. pfft.

kruemel · January 25, 2022, 9:15am

Same problem. Stuck with the P**T tools. Tried to run LPD commands directly against the port, with no success. Any ideas? I think I’m starting to overthink the problem…

trcm · January 25, 2022, 2:58pm

You’re very much on the right lines, look closely at the example usage of ****est.py and try not to get shellshocked overthinking things.

skilfoy · January 30, 2022, 6:29am

Having tons of trouble with this one. I can’t seem to get the syntax right. Some help please?

skilfoy · January 30, 2022, 6:05pm

Could you please help me out with the syntax? This is becoming ridiculous. I’ve spent many hours messing with the ****est.py script to no avail. For an easy challenge, this is giving me way too much trouble. I’ve asked around on Discord too and nobody seems to be able to help.

kruemel · February 8, 2022, 11:28am

I’ve tried all the examples in the ****est.py README. Changed the syntax slightly, but no success. I also tried all the examples found at GitHub - MrCl0wnLab/ShellShockHunter: It's a simple tool for test vulnerability shellshock (see Source file ( Exploits)), no success.

It seems that the ****est.py script doesn’t return any output. Or I am using the wrong syntax.

No idea…

Anybody knows what’s wrong?

trcm · February 8, 2022, 11:54am

PM me

asib · February 18, 2022, 10:49pm

Any chance I could PM you for a nudge too? Been stuck on your last hint for a few days.

h47d3n · March 30, 2022, 2:03am

I’m struggling with P**T script too.
Also tried kinds of quotes and escaping characters to my commands, nothing responsed.

Gozer · April 3, 2022, 10:19pm

(post deleted by author)

Gizzle · June 5, 2022, 8:17pm

That github repo helped me a lot, thanks @kruemel1! I found the missing piece there. With that, the ****est.py script and ngrok I managed get the job done. If anyone gets stuck, feel free to dm me.

topitobravo · October 12, 2022, 8:49pm

Some hint pls? I cannot even figure out the attack path, since I can’t ping my pc, being out of the VPN…

Gizzle · October 25, 2022, 5:51am

Dm me

cyberneurovirus · February 1, 2023, 2:26pm

Just DM you.

motasem · July 21, 2023, 6:43pm

I just doubt that this challenge is easy. I tried everything in lpd****.py from PRET.

Went further and tried all shellshock payloads and tried to send an input file loaded with shell with ***print.py but with no luck.

Any hints?

hakstuff · August 8, 2023, 7:07am

I’m pretty confused on this challenge, and am unsure if I’m overthinking it. Using the aforementioned tools, I was able to get full root access to the box. I downloaded an entire copy of the server script so I know all possible functionality, and I still haven’t been able to solve the challenge. Is there some sort of Machine-like post-exploitation phase, or at this point have I overshot the original goal? Looking for some guidance, thanks!

krellkrypto · January 26, 2024, 6:21pm

You need to use eth0 ip not tun0 IP.

the challange is hosted on the actual internet, not the VPN, that is why.

rrehlert · February 23, 2024, 9:00pm

Anyone willing to help on this?
Tried the *****st.py script with some shellshock examples but to try a reverse shell but nothing works