Official Time Discussion

Type your comment> @zomry101 said:

Rooted! First time I root machine alone (with some hints from the guys in the forum), If someone need help, feel free to DM me with what have you tried.

I’m about to DM you for some help. If anyone else has any nudges, I’d appreciate it.

Basically, I get the principle behind sp**.x** but I can’t get J*** to fire it off the way google tells me it should.

Machine response to me “********* re**** *** SYS”, But don’t have any thing back to me. I don’t know it became by connection or i did it in wrong way :frowning:

Started this machine 2 days ago but still havent found the right CVE. Could anyone give me some hints? I would appreciate it

Type your comment> @duongsake21 said:

Machine response to me “********* re**** *** SYS”, But don’t have any thing back to me. I don’t know it became by connection or i did it in wrong way :frowning:

the first time i ran this it worked, now a few days later i am back and got errors like this as well as timeouts…maybe that’s why this is called time?

@thanow said:

Started this machine 2 days ago but still havent found the right CVE. Could anyone give me some hints? I would appreciate it

Have a look at the response you get from entering test data. Google key phrases. This will take you to a series of things to test to narrow down how it is processing your data. Then you will get the key phrases to find the exploit you need.

Type your comment> @unkn0wnsyst3m said:

Type your comment> @duongsake21 said:

Machine response to me “********* re**** *** SYS”, But don’t have any thing back to me. I don’t know it became by connection or i did it in wrong way :frowning:

the first time i ran this it worked, now a few days later i am back and got errors like this as well as timeouts…maybe that’s why this is called time?

headshake - it worked, checked my http serving directory, the errors here dont seem to necessarily add up, which makes sense because you are leverage processes in an unintended way.

rooted, fun box. initial enumeration was a pain. Like @TazWake said, google all the error messages and it will point you to the right CVE.
PM for nudges

Yes, i use CVE, i have rev shell… connected but now? :frowning: Little hint?

@tortellino said:

Yes, i use CVE, i have rev shell… connected but now? :frowning: Little hint?

Grab the user flag, enumerate - enumscripts can be useful here. Find something, look at what it does. Modify it to your ends.

Yes, if i little help other… you image a two tunnel.
Now i’m to going to root. Hint?
It’s my second box.
@TazWake said:

@tortellino said:

Yes, i use CVE, i have rev shell… connected but now? :frowning: Little hint?

Grab the user flag, enumerate - enumscripts can be useful here. Find something, look at what it does. Modify it to your ends.

@tortellino said:

Yes, if i little help other… you image a two tunnel.
Now i’m to going to root. Hint?
It’s my second box.

You need to enumerate. It’s hard to be any clearer without telling you which file to look at.

Oh, this one was very quick.

I think there is enough hints around here. However, as I saw some ppl complaining about having their root shell dropped, you should know that there is more than a way to get your shell right?

I also had this problem with my first approach (don’t know why), but my second try worked like a charm.
:slight_smile:

kindly please give me some hint.i’m still in a deep rabbit hole.can advice is appriciated.

@L4c3fer said:

kindly please give me some hint.i’m still in a deep rabbit hole.can advice is appriciated.

Any hint? Ok - use nmap to find open ports, when you find an open port, look into it and see if it has anything you can use to exploit the box.

If that isn’t much use, it might help if you give an idea of where you are, what you are trying to do, what has failed and, ideally, why the previous hints haven’t helped.

@TazWake didn’t get Json dese******* exploit that work

@L4c3fer said:

@TazWake didn’t get Json dese******* exploit that work

I am not sure I used an exploit you’d describe that way. The one I used was based on googling the error messages.

Could someone give me a nudge on the CVE? I googled the hell out of the error messages and I tried all CVE PoC’s i could find, and none work. I don’t know what I’m looking for anymore.

@Foxar said:

Could someone give me a nudge on the CVE? I googled the hell out of the error messages and I tried all CVE PoC’s i could find, and none work. I don’t know what I’m looking for anymore.

The one I used has the last five numbers add up to 18.

hi @TazWake, can I PM you, can you give me sanity check on the exploit?

@blackbrownco said:

hi @TazWake, can I PM you, can you give me sanity check on the exploit?

Yep.