I keeping running the 4****.sh script but I get a non-responsive $ shell. No matter what I type I get no output and a $. I’ve tried to pop a shell from it, but python, nc, and bash shells haven’t worked. Help or a hint as to what I’m doing wrong would be appreciated.
Check the syntax. Make sure you’ve invoked it correctly if you’ve used the one from searchsploit and be patient. The box can become very slow to respond.
I never managed to get a reverse shell this way though - you don’t need it.
I keeping running the 4****.sh script but I get a non-responsive $ shell. No matter what I type I get no output and a $. I’ve tried to pop a shell from it, but python, nc, and bash shells haven’t worked. Help or a hint as to what I’m doing wrong would be appreciated.
Easy one. Spent a bit too long figuring out where some interesting files where being served. When I turned on my brain I knew where to look and the rest was easy.
Easy one. Spent a bit too long figuring out where some interesting files where being served. When I turned on my brain I knew where to look and the rest was easy.
The machine was fun, it took me more time than I am happy to admin, but that’s life.
Few hints that helped me and I didn’t see mentioned.
Foothold: The Google-provided script works well, but to upgrade I had to use a wrapper script to call home.
User: Look at curl options to do what you want without any hassle.
User: You don’t actually need to use the loot, you can just authorize yourself
I keeping running the 4****.sh script but I get a non-responsive $ shell. No matter what I type I get no output and a $. I’ve tried to pop a shell from it, but python, nc, and bash shells haven’t worked. Help or a hint as to what I’m doing wrong would be appreciated.
can anyone DM me on how i can upgrade my initial shell, i cant do anything with it atm.
You may not need to upgrade it. If you can use it to ls and cat then you have enough. It might just be a bit tedious working through various parts of the filesystem, but make sure you have fully explored around where you’ve landed before you move out too far.
Could anyone give me a hint please? I’m having trouble understanding the script. I’m just getting a $ and no command execution. I’m also not sure where to begin with manually doing it.
Any tips? I had www-data and one user account within about 30 minutes of this box launching, and been stuck there since…and have yet to see the user flag. Can anyone who’s rooted PM me to chat real quick? I can’t be far.