I’m stuck at the verboseless login page, I read comments regarding scripting and using burp intruder, but wait ! does it really mean discovering the UP server in that 1M IPs range ?!
@666reda said:
I’m stuck at the verboseless login page, I read comments regarding scripting and using burp intruder, but wait ! does it really mean discovering the UP server in that 1M IPs range ?!
No
@666reda said:
I’m stuck at the verboseless login page, I read comments regarding scripting and using burp intruder, but wait ! does it really mean discovering the UP server in that 1M IPs range ?!
Make sure when you are gathering information using the CLI tool that you examine more than just the cached HTTP objects - you’ll find what you’re looking for.
Finally got user. Took me a week. I think I may have been broken of my “use cURL for everything” habit. Burp does just make some things easier. On to root!
Edit: rooted! Great box, one of my favorites. Having had the pleasure of a 5k long sd file of ACLs, and having to constantly update p*e on my networks at $dayjob, I can speak from experience when I say that this is a pretty realistic box.
hi, currently stuck at root. I am root in the c*******r but dont know how to proceed from here. the usual things dont seem to work and the creds I found dont seem to work on ssh. I have the feeling that I am overseeing something really obvious. any nudge ? thx a lot.
@zaphoxx said:
hi, currently stuck at root. I am root in the c*******r but dont know how to proceed from here. the usual things dont seem to work and the creds I found dont seem to work on ssh. I have the feeling that I am overseeing something really obvious. any nudge ? thx a lot.
Try the creds somewhere else?
Type your comment> @TazWake said:
@zaphoxx said:
hi, currently stuck at root. I am root in the c*******r but dont know how to proceed from here. the usual things dont seem to work and the creds I found dont seem to work on ssh. I have the feeling that I am overseeing something really obvious. any nudge ? thx a lot.
Try the creds somewhere else?
nvm, feeling really stupid now. got it! I new I was missing something really trivial (thought I already tried that, but obviously I didnt) banging head on the keyboard
Finally root. Thanks to @TazWake who pushed me in the right direction at user and @HomeSen for showing that sometimes the trivial stuff is the solution to go for.
One of the best machines I have done so far. User was very instructive and root was relatively easy compared to user.
mm, what could be better, than watching this?
@ymka said:
mm, what could be better, than watching this?
That’s actually pretty awesome - nice work. I hope you’ve put it on github or similar.
some shitcode, just for a quick hand, not for everyone:)
For everyone is just this pict. DIY)
Just inspiration)
@TazWake said:
That’s actually pretty awesome - nice work. I hope you’ve put it on github or similar.
thx, dude.
or i could like encrypt the code with some password that you will get during digging. That could be cool. But i m not good at encryption at all.
You don’t have to share it if you don’t want to!
I was just thinking that now it is a retired box, it might be a useful script people could learn from - but, seriously, I didn’t mean to create any pressure or stress.
No, unbeli3vable. I rooted P****e much before i even got user on the box)
But, could anyone explain me in pm or somewhere why binary-search is not working in i*******.**p ? I see the source but don’t understand… It should work
I mean > < are not working for me.
Its a retired machine, there are walkthroughs available, so you don’t need to be as circumspect with the questions.
However, I don’t think I understand what you are asking here.
Spoiler Removed