trying to exploit the 5000 port of docker but can just find two endpoints, health and version, can’t understand what kind of service is that, any hint?
You don‘t must to enumerate this host for subdomains, made a ssh port forwarding with this port and navigate to it
was enumerating chisel instead of the container… xd
I had also problems with them, but suddently it worked. Maybe restarting the machine will solve the problem. You try with to login with the user ps_user
?
Port 80 is open but not accessible at browser level, is this normal or do i have some connection issue ?
Connection has timed out on browser
I think issue is, one dont have permission to log into db with user www-data, else, db should be dump with -e
If you’ve landed what should be the “final” shell but are coming up unexpectedly empty, here’s a quick hint to push you in the right direction:
“Never discount the value of multiple backup locations, or the contents of these files. They might be outdated, but they may also contain valuable information.”
IDK why I’m not getting a shell, I’m using the jinja exploit from the author and it’s not giving a shell back but it’s detecting changes on my URL.
Hints on what I need to look at here pls everyone.
(post deleted by author)