Official discussion thread for StreamIO. Please do not post any spoilers or big hints.
Any hints about where to look to begin this machine, Thanks
gnt48 - could you message me about how you found the users
I have basically nothing after several hours
Try to enum entire webpage. Check ssl-certificate. There is something hidden.
Can’t find path to user.
I get foothold and some credentials but i can’t find the file i want.
a nudge is welcome
Did you already get a shell? Did you find credentials for the da****** as d*_a****?
I didn’t get shell yet.
But got the credential for d*_a****.
You can find an e*** in one p** file.
should i guess another vhost’s folder or that p** file locates in the same webapp?
hey could I message you about user? I have a few credentials, but I’ve reached an impass
can anyone confirm the SQLI is a dead end?
This poor machine keeps freezing on me. Guess it’s the new hotness.
need help on foooothold!!!
got somethin in cert
i get LAPS Password but is not working can someone send me a tip ?
i made it rooted: great machine
@binho1337 can I ask you a question about user?
sure, dm me
it wont let me for some reason
I rooted the machine. For me, foothold was the hardest part.
Foothold: Enum the entire page. You will find some “hidden” pages/domains. One have a common vuln for getting creds. Using these creds, you can login and try another attack path for getting reverse shell.
User: PortForwading is the key.
Root: AD enum to find the desired goal.
Hi ! I try to find user…For that i use a tool from im… but i get an error message…I would like to know what i do wrong. Could someone help me?
Hello @mhendel send me a DM with print screen with error and i will try help you