Postman

Type your comment> @Dark0 said:

There is a very good book called: Kali Linux - An Ethical Hacker’s Cookbook is Great, good luck guys

After get inform nmap and search keyword from this book it’s very useful. Thank you

Type your comment> @Matbe34 said:

Managed to get low priv shell a few days ago but can’t find a way to user :frowning:
I’ve found the i*****.**k, got the password with john but when i try to connect with ssh it closes the connection
Any nudge?

think of any other way beside s** to connect?

@ananb said:
Type your comment> @Franna said:

Can someone please nudge me on how to bypass ss* De*** config for the user?

if your already in terminal on r**** how do you switch users without starting a new connection?

i never did look at ssh config can you tell me what the De*** is and does?
got root the other day if anyone needs help let me know! (:

De** prevents you to s** as that user. if you can’t s** maybe there is other way to get in using the pa***** that you got from j***

@andy1979s said:
Type your comment> @ananb said:

Type your comment> @Franna said:

Can someone please nudge me on how to bypass ss* De*** config for the user?

if your already in terminal on r**** how do you switch users without starting a new connection?

i never did look at ssh config can you tell me what the De*** is and does?
got root the other day if anyone needs help let me know! (:

I wouldnt mind some help… Noob trying first pop :-)… got as far as figuring out that R***s is possibly the way in … got some sort of connection to it, but stuck

keep trying, maybe when there are other people not trying…

why does “(error) READONLY You can’t write against a read only slave.” occur sometimes when using f*all?

Type your comment> @ascannerdarkly said:

why does “(error) READONLY You can’t write against a read only slave.” occur sometimes when using f*all?

if you google it you’ll know why.

Hello guys!

I am stuck at getting interactive shell and need a hint. There is no M…e command in r…s.
Tried to make keys and save them in u…d folder but didnt work. Out of ideas.

Finally reread cookbook and found how to do this way. My idea was close

can anyone nudge me on what file to look for when trying to elevate to user? i feel like i’ve looked everywhere and nothing is jumping out at me

Type your comment> @ascannerdarkly said:

can anyone nudge me on what file to look for when trying to elevate to user? i feel like i’ve looked everywhere and nothing is jumping out at me

Back to the Root and start your walk again. You don’t need to go too high.

Rooted…

Thanks for this box @TheCyberGeek .

Hint : Don’t forget a port…

Feel free to PM me for more hints if you want.

Finally rooted. Rooted even faster then got user… anyway learned quite a lot as i am newbie. After interactive shell was quite easy.

Type your comment> @Franna said:

(Quote)
keep trying, maybe when there are other people not trying…

I will keep on trying… Thanks ??

Hey mates! Downloaded a exploit from exploitdb and added it to a custom dir under metasploit folders, metasploit dosent find it and specifiing the dir in msfconsole returns Failed to load module: exploit/cm/4***4.rb
I have added exploits before using the same method and they worked. tried adding to default metasploit dirs and got the same error loading it. Does anyone experienced anything like this adding the exploit for postman root (i guess it is this one xD )?

edit: nvm, updated msfconsole
rooted :wink:

Type your comment> @Franna said:

Type your comment> @Matbe34 said:

Managed to get low priv shell a few days ago but can’t find a way to user :frowning:
I’ve found the i*****.**k, got the password with john but when i try to connect with ssh it closes the connection
Any nudge?

think of any other way beside s** to connect?

Same as me too

Type your comment> @Ghost40 said:

Type your comment> @choconilla said:

Can’t seem to find w*n or r in my enumeration. Can someone PM me? This is only my second box.

Did you scan all the ports?

how do you know if need to scan for r**** ports in the first place? when i did a simple scan (sV), i got 8*,2* and 1**** ports…

Rooted :slight_smile: If anyone needs any help feel free to ping me :slight_smile:

Someone help me, how do I get the exploit for r**** to work?

it is so annoying that I s** -i worked once after that it didnt there are too many people on this

user was relatively okay, root was annoying because the exploit i used didn’t work for some reason? had to intercept the requests and pass them on 1:1 and then they worked for some reason

I’m pretty sure I have the right exploit for initial foothold, but how do you enumerate the user to add the s** key… or am I completely wrong!