In order to enumerate and if you are looking particular word it is better to switch to change and take advantage of powerful tools in shell. In this particular box I used this method instead of reading one file each time.
I dont doubt it can make things a bit easier but you can get what you need with about four commands.
Seems if someone is struggling to get a shell, they could make life easier by not bothering.
Sure. but for begginners could be a bit strees to read thousand of files if they are not sure where to find. But agree with you. No debate about this
Hi guys !
I’m kind of stuck. I got the “n***a” password from j***y, but I can’t find a way to access a webpage not in www/html. Am I missing something obvious ?
Possibly. You also dont have the right password.
I don’t want to reveal it, but I think I got it…
EDIT : I found the open port on localhost but I don’t know if I can do anything with it
Yes, yes you can.
Do you have a hint ?
EDIT : Oh nevermind ! I was trying to curl the wrong file. Stupid me…
Found the hidden port and the folder with the code, got user.txt with the code.
I see there’s a GTFO bin with priv esc to edit something.
Seems I can’t run the GTFO bin the same way I got user.txt.
Should I try harder this approach?
Or am I totally lost here?
Who is the guy that leave a file priv.save.1? I was working on this and suddently appears there. Not sure if I generated this but I doubt. be carefull leaving clues on the system. Thank you.
Well, finally rooted. First time by finding the answer in a file outside root folder. People should clean up work after finish.
Second time by my own. I learn interesting things with this box. If somebody need a liitle push via nudge, let me know and I’ll share my findings. Just clear enough to go on without losing the dream of doing by yourself.
As always, thank you for your comments in this forum. Nices clues. And thanks to those users who give me help.
Now, time to face another one. Any advice? For the moment the easy ones. I am still noob.
Hello can anyone give me a nudge, I have the password for user j****a I cant seem to find what this should unlock I’ve tried SSH and have tried to access the SQL running but no luck.
Quite a lesson in enumeration, web server setups and passphrase cracking.
One of my favorites on here.
Initial Foothold: sort of obvious…look at the name of the box.
User1 : Enumerate and user habits
User2 : networking is important and my buddy john helped.
Root: GTFO Bin…honestly, I did not know how easy those were.
Hello can anyone give me a nudge, I have the password for user j****a I cant seem to find what this should unlock I’ve tried SSH and have tried to access the SQL running but no luck.
Depends on what you mean when you say you have the password for j*****a. Theres a few steps required to successfully gain access via ssh. If youre sure you followed those steps correctly, than its not unlikely that someone messed with the machine and you might have to reset it. I’ve been having this problem alot with this box so its worth considering as well.
I’m pretty confused here. I just started on this box last night, but had to stop and decided to resume today.
On my initial scan, I ran: nmap -vv -A -Pn 10.10.10.171
I found I think, 9 services. Today, using several different options, I only find 2 of them, all other ports are closed. Why would this happen on a box?
Found the hidden port and the folder with the code, got user.txt with the code.
I see there’s a GTFO bin with priv esc to edit something.
Seems I can’t run the GTFO bin the same way I got user.txt.
Not sure what this means - you dont need a GTFO to get user.
Hello can anyone give me a nudge, I have the password for user j****a I cant seem to find what this should unlock I’ve tried SSH and have tried to access the SQL running but no luck.
If you have the password for that account, it unlocks the thing you got the password from.
