Official Time Discussion

Type your comment> @Hackingbug said:

Hello!!! I’m a beginner and learning the methodlogies…Could u please anyone help me for reaching out the Time…I have done enumeration …But I’m unable to find out …

You will need to find a vanurability of the website. Try different inputs and you will see some errors. Googling the errors will get you the correct CVE.
(note: I tried many different CVEs to find the correct one.)

Anyone on to discuss root? Think I know how to get there, but can’t seem to get it working

Edit: Never mind… Got it

Hello, I am completely new. I have googled all that I can understand and I would love a PM if anyone is willing to nudge me in the right direction

@ramen00ds said:

Hello, I am completely new.

This is not a good box to start on. It is rated medium, but I would suggest that is down to how you don’t really need to create much unique code. It is not easy.

I have googled all that I can understand and I would love a PM if anyone is willing to nudge me in the right direction

The basic advice is to google the error message, read the results, try something else. If that generates errors, google them and so on.

Eventually, this narrows it down to an exploit that - with a bit of modification - becomes successful. It is likely to need a fair amount of trial and error.

@TazWake

I actually gotten around to that and googled the error messages. And I found the right CVE I believe with all the hints. Now I guess I will have to figure out how to modify the exploit…

@ramen00ds said:

@TazWake

I actually gotten around to that and googled the error messages. And I found the right CVE I believe with all the hints. Now I guess I will have to figure out how to modify the exploit…

Awesome.

One of the frustrating aspects of this box is that all the answers are actually on the GitHub page but because it talks about a lot of different things, it can be really, really hard to work it out.

Type your comment> @TazWake said:

@ramen00ds said:

@TazWake

I actually gotten around to that and googled the error messages. And I found the right CVE I believe with all the hints. Now I guess I will have to figure out how to modify the exploit…

Awesome.

One of the frustrating aspects of this box is that all the answers are actually on the GitHub page but because it talks about a lot of different things, it can be really, really hard to work it out.

Ah! thank you! I will look at that now!!

Hey guys anoye can help me with a CVE, i have 2 days trying :frowning:

Type your comment> @ordyylan said:

Hey guys anoye can help me with a CVE, i have 2 days trying :frowning:

The last 5 digits of CVE adds to 18.
if you need any nudge pm me.

Any help with the following error: lock: 3 exclusive write lock requesting for SYS

Type your comment> @muraylen said:

Any help with the following error: lock: 3 exclusive write lock requesting for SYS

Had the same problem. Dont worry its nothing. Your payload should be working despite that “error”. If not focus ont he payload :slight_smile:

medium that should be easy… easy that should be hard… what a mess

Great box if your enumeration skills are good and you get on the right track. if not, it’s a pain in the ass. User is definitely the harder part, getting root far too easy. Nevertheless learned a lot

As already said you need to find the right CVE to get user, root is pretty stright forward. Don’t overcomplicate the inital foothold…

Can anybody explain me what’s the footprints?

@Cr4ck3rB0i said:

Can anybody explain me what’s the footprints?

Not sure I understand the question, sorry.

l said can u help me about it?

@Cr4ck3rB0i said:

l said can u help me about it?

I don’t know what footprints are in this context, sorry. It may be a translation issue.

If you are stuck on this box, I can certainly try to help.

yes absolutely l stuck. Can you help me?

@Cr4ck3rB0i said:

yes absolutely l stuck. Can you help me?

I can try.

firstly l found 2 open ports. and l searched them in metasploitabe, but l couldn’t find anything. Actually, l am new at ctf and it’s my first machine.