Official Sightless Discussion

0xNite · October 24, 2024, 3:50pm

Nasty but fun… learned a lot but this was not an easy one.

Olorim75 · October 25, 2024, 10:32pm

I’m stuck. I search pass for the priv escalation (I have user access). I found the process and I think I know what I need to search, but I dont find what to do with that informations…
I read all message here, but I have no idea on how to find these creds…
Someone can help me?
[EDIT]
Rooted!

Cipherhash · October 26, 2024, 11:25am

I am stuck with internal panel Froxlor after port forwarding and now from than how to exploit it get the root flag any hint would be much appreciated.

Olorim75 · October 26, 2024, 12:50pm

Not sure how this forum work…
I just rooted it! DM.

gaffenomicon · October 27, 2024, 8:33pm

Me solving this one

kk0128 · October 28, 2024, 4:08am

i´m stuck in F****** service login
DM me for a hint

GerbySec · October 28, 2024, 7:11am

lol i did too. out of frustration i clicked to my other tab and felt stupid lol

GerbySec · October 28, 2024, 7:16am

Im not sure if there are multiple ways to root but for me the root flag i rated a very easy and the user flag as easy. either way fun box. the way i got root i feel wasn’t to real world but still fun.

retro4hack · October 29, 2024, 11:42am

ROOTED!

User: It is pretty straightforward: moreover, if you want user flag, why would you search on a root whale ? Use it for enumeration, you’ll get your user access data, and eventually become user.

Root: interesting process, really liked it. There are to many things to keep an eye on and linpeas is not a lame hint to give, considering that it will highlight 95% Exploitation vectors. Just to don’t make you waste time… There is no need to crack any password. someone will login by himself and you’ll have to spy it. Once you have the access to the portal, rooting is straightforward and left to your imagination.

Susie01 · October 30, 2024, 5:13am

somehow my linpeas.sh file is not showing in both rt account or m**** account. please help im stuck, i have found the user flag but i need the linpeas to get pw

P1dc0f · October 31, 2024, 6:07am

Where need to be modified in the Floxor’s offical cve_payload?

P1dc0f · October 31, 2024, 6:10am

Me tool ! The problem has been solved?

Kiu1812 · October 31, 2024, 6:10pm

Someone uploaded root flag to /tmp

Someone can confirm it is the correct? I don’t wanna upload it without escalating first

Kiu1812 · October 31, 2024, 6:18pm

PD: I sent a reboot to the machine the second I saw it

zoroxz · October 31, 2024, 6:27pm

u need to add it to hosts like u do with main title

pwd · October 31, 2024, 8:55pm

root

Blind XSS doesn’t seems to work
i wrote multiple payloads and no one seems to work with my IP (didn’t get any request)

Susie01 · November 1, 2024, 10:56am

make sure you are putting the right ip and then click or refresh the page, might work

Susie01 · November 1, 2024, 11:03am

how is it solved please guide? im stuck

Patch · November 3, 2024, 1:42am

Got it
About root :
Once you get access to admin panel there is no technical difficulties, just dig into this shitty privileged process and you’ll find.

Tennex · November 4, 2024, 1:45am

found the D*******.k** file, but the creds inside didn’t work. Am I on the right path, or was this a well crafted rabbit hole?

Topic		Replies	Views
Official Resource Discussion Machines	153	4796	November 23, 2024
Official OnlyForYou Discussion Machines	185	12676	September 7, 2023
Official Trick Discussion Machines	344	20119	December 23, 2022
Official Headless Discussion Machines	57	7216	June 29, 2024
Official Sea Discussion Machines	370	13640	December 19, 2024

Official Sightless Discussion

ROOTED!

Related topics