@calmit said:
I’ve found the interesting scripts as user1, struggling to figure out how to get them to execute for the txt. Can anyone help?
This has been answered as best it can be without spoilers several times in this thread.
./47691.sh: line 6: syntax error near unexpected token `done’
what the fisherman is that? I wonder if this is only made to teach people bash/sed/awk scripting.
im half dead already…please help.
should i continue enumerating even though editing this bash or sh script is what i need to do?
Are you googling about how to fix that bash error or have you given up?
anyone have problem accessing to the box on port 80 well since release i never got into it always infinity loading and sometimes connection timed out is it supposed to do that but if so how i’m gonna enumerate ?
@hansraj47 said:
./47691.sh: line 6: syntax error near unexpected token `done’
what the fisherman is that? I wonder if this is only made to teach people bash/sed/awk scripting.
Probably, although I am not sure, you are running it without supplying a URL.
If you just use filename.sh it doesn’t work, because it doesn’t know where to go.
If you use filename.sh http://example.com/target/site it is more likely to work.
hey guys, I’m feeling really stuck here. I got the www shell but cannot for the life of me past that. if anyone if feeling helpful could you please dm me. I don’t want the answers, I want to learn but just stuck (p.s. I’m pretty new)
@Raqune89 said:
hey guys, I’m feeling really stuck here. I got the www shell but cannot for the life of me past that. if anyone if feeling helpful could you please dm me. I don’t want the answers, I want to learn but just stuck (p.s. I’m pretty new)
I dont mean to be rude, but this question has been asked several times in this thread. Have a look, try the hints and tips people have provided and then you might be able to ask a better question.
The answer is still “use ls and cat to look around to find interesting or useful information”
@TazWake, I don’t think you’re rude. I had a feeling this was going to be the reply. I am looking around. Obviously not enough. I’ll just keep trying.
Thanks for replying anyway
@Raqune89 said:
@TazWake, I don’t think you’re rude. I had a feeling this was going to be the reply. I am looking around. Obviously not enough. I’ll just keep trying.
Thanks for replying anyway
No worries - keep in mind, if you are on a free box there is always a chance someone has broken it or moved the files.
Start by looking where you’ve landed. Look in all the folders. Read any files that look interesting. Remember people reuse passwords from one service on a different service.
@TazWake Thanks. I’ll keep pushing. will feel better if I do it on my own anyway haha. I’ve found a few things of interest, just need to figure out how to use them. cheers again
Working on user2
Curl completed but lacking credentials to use.
I’m uncertain if altering a m**n file is appropriate as it’s not owned by the user I want.
Type your comment> @ZeWanderer said:
I keeping running the 4****.sh script but I get a non-responsive $ shell. No matter what I type I get no output and a $. I’ve tried to pop a shell from it, but python, nc, and bash shells haven’t worked. Help or a hint as to what I’m doing wrong would be appreciated.
use the metasploit exploit with a linux payload
Type your comment> @kruu said:
Could anyone give me a hint please? I’m having trouble understanding the script. I’m just getting a $ and no command execution. I’m also not sure where to begin with manually doing it.
Thank you for your time.
use metasploit with a linux payload
the broken script works for user… 
Type your comment> @inc0gnit0 said:
Type your comment> @kruu said:
Could anyone give me a hint please? I’m having trouble understanding the script. I’m just getting a $ and no command execution. I’m also not sure where to begin with manually doing it.
Thank you for your time.
use metasploit with a linux payload
can also use php reverse shell. worked for me.