Some hint about the foothold? Thanks advanced.
Subdomain enumeration and searching for service vulnerability.
You will find a CVE
Hi guys, I’m reaching you cause i’m currently learning cybersec and i’m stuck with this machine. I’m pretty sure the first step for exploitation is in enumeration and it’s confirmed after reading conv here but i found nothing using gobuster, dnsmap or event sublist3r. If someone can help me for this step it would be nice !
Regards
I guess those will try DNS for subdomain enumeration.
Try a fuzzer and sending a crafted HTTP request.
You will get what you need.
thanks for help man, appreciate it
Hi man, possible to discuss in dm ? I’m still stuck despite a number of attempts with a lot of tools
regards
Sure. You can DM me
incredibly stuck at the subdomain figuring out what to do after looking through everything and could use a nudge pretty please
I’m quite lost at subdomain enumeration LOL. I tried every single wordlist without success, any hint on where should I look?
is the metasploit module a red herring? struggling to find the right CVE
try fuzzing to see if can get a hit 
Anyone I can DM for hint on root?
How are you all becoming root here?? 
I think I can not seem to get around this
Hi, i got reverse shell using CVE for admin panel but I go in circles… any idea where i should looking ?
regards !
Phew… got there in the end 
Enoyed this box.
lol should I even be www-data?
Need help with root.Is anyone On?
Thats the first foothold yes.
1 Like
You can DM me if you want.
Pwend, Thanks @bsnun for you help. Free DM if someone need help.
1 Like