Official discussion thread for Socket. Please do not post any spoilers or big hints.
I wonder if anybody else has the same trouble with a slow HTB instance… trying to download a larger file … and the rate is below 20kB/s, this really sucks.
Do the app download links work for anyone?
Update: Yes, it just takes a â– â– â– â– long time
I cant enumerate this machine at all. Anyone else having this Problem?
ping? if not - check vpn: use competitive, not lab
I was using competitive but it seems like it was still connecting me wrong. Now its fixed though and i can begin. Thanks
I obtained valid SSH credentials, the vulnerability is in the WebSocket server, I created a script to exploit the SQL vulnerability.
Can you recommend any reading/research?
Nice, that was the direction I was thinking of heading in after peeking into the pyc
So I started to take apart the ELF. Is that a rabbit hole then?
I am a root user, feel free to ask
Rooted.
You may need to change your exploit a little bit, in this case single and double quotes make a big difference
yeah im using single but i can try double.
Finally got pro hacker rank, funniest privesc until now
For people needing to get user, use websockets without fear, this is the machine’s name after all
For root, pspy and a little bit of thinking will do the trick
And for anything else, just send me a message, R is always here
Any one can give me some ideas regarding on the initial point?
TKS
Hi, i can do the SQLI with a script that i alredy creted, but when i say to it “SHOW TABLES” it doesn’t show anithing… I have a hashed password, but i don’t now the user. Can you help me please? Thanks!
got a password from the db but i have no username, never thought i would have this kind of problems XD, any hint where to find a username, (NOTE : i tried the usernames i found in the db but no luck)
Hey, can i send you a dm by discord to talk from there? I have the same problem, if you want we can fix it together
I already solved the box with 10.10.11.206 but whenever i spawn the machine it gives me the weird instance ip and i cant submit my flags…i cant even ping that instance ip otherwise i wouldve logged in from that ip and submitted its flags