Sense

Hi ,

Can anyone give a hint on the machine Sense? I have verified few issues but unable to hit it.

I am also stuck with this machine. but it is rated as easy. Wondering what am I missing… :confused:

This had me stumped a little bit, web enumeration is key for the first half the assessment. After that, it’s easier. However, the second step - While simple, may not work and will drive you up the wall, so issue the box a reset.

But, enumeration is key to be fair for all aspects of this box. It will give information that you can then use to build a selection of exploits to try.

I had some issues myself. Look into different types of encoding you can use

i followed proper step …proper encoding i used …but still my shell not connects with box…

@briyani said:
I am also stuck with this machine. but it is rated as easy. Wondering what am I missing… :confused:

use web enumeration … dirbuster …:wink:

done it …got root …

Okay, I’m sorry, but I’m still not quite getting this one.

I’ve been using dirbuster recursively against this with various different wordlists (both in Kali and on repositories like GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collecti). I’ve edited the various different options to change headers and include txt,md,rc,conf,cnf,inc,php,html,cgi,phtml,pl,py files…

I’m really no so sure what I’m missing or if I’m just not recognizing this one. I’ve found a couple files that are moderately interesting, but I’ve not been able to go anywhere with them. Could you tell me, with the above settings, should I be able to find what I need to move on, or am I still missing something?

Perhaps I’m just recognizing the attack vector…

Okay, nvm… I think I’ve got something…

@5aru said:
Okay, I’m sorry, but I’m still not quite getting this one.

I’ve been using dirbuster recursively against this with various different wordlists (both in Kali and on repositories like GitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collecti). I’ve edited the various different options to change headers and include txt,md,rc,conf,cnf,inc,php,html,cgi,phtml,pl,py files…

I’m really no so sure what I’m missing or if I’m just not recognizing this one. I’ve found a couple files that are moderately interesting, but I’ve not been able to go anywhere with them. Could you tell me, with the above settings, should I be able to find what I need to move on, or am I still missing something?

Perhaps I’m just recognizing the attack vector…

If you’ve done everything you said here, you have your initial foothold in front of you. Now to make use of it.

Hi all, I have been at this box for an entire day. I have enumerated a whole lot of different potential things. I would just like to know if I am on the right path trying to gain an initial foothold.

I think I might have the correct vector, but I am unsure of how to use it. Is there someone that I can PM about this?

So I managed to get the flags in the end. Is there someone that I can PM about the intended way/method?

The intended way is the way that you did it. You got them both using the same method, right?

I’m sorry, I’m still a bit lost. I feel like I’m missing a crucial piece of information. I’ve found these files and some information that gives me a username (Sorry, I’m trying to be vague), but I still don’t have a way of getting a password. I could try guessing passwords, but the box has a lockout after so many passwords, so that is pretty useless unless I’m gonna sit here and keep resetting the box. I’ve been scanning and scraping for a week now hoping that I’d find something else that I’m missing. I’ve checked certificates, cookies, directories, etc… Once I get this one piece, the exploit is obvious, but I’m lost on what I’m missing and I don’t seem to be making any more progress

@5aru - the username and password are located in the same exact place. Think about what software the machine is running and then read what the file says about the users password. One thing that tripped me up - the username is capitalized when you read it, but the correct username to log in with is not. Hope that helps.

That was it, thank you. I assumed the username was exactly as it appeared

@5aru said:
That was it, thank you. I assumed the username was exactly as it appeared

Same. This tripped me up for a hot minute. Congrats.

totally lost SENSE in this box. Did dirbuster but couldn’t find anything useful. can anyone PM me the hind.

Guys, hint on what to do after login? I’ve tried many exploits

@MrRobotty try playing with dirb or nmap and continue the journey …