Shrek enumeration help

Hello All,

I am new to the pentesting and also this community. I can humbly say that i had a tough time even getting the invite code challenge done, but that’s ok i’m just getting started in this .

I am now on shrek for the last 2 days. I have dirbusted the heck out of the web directory and see multiple things in some of “some folders” . I do see a few of the files in one of the folders has some unknown formatting within them, however, i’m not able to tell how these maybe encoded/formatted. As i think these are the key to getting initial shell or access, can someone point me in the right direction? The other items I see in there seem to be red herrings

Thanks

@mrb1rd17 said:
Hello All,

I am new to the pentesting and also this community. I can humbly say that i had a tough time even getting the invite code challenge done, but that’s ok i’m just getting started in this .

I am now on shrek for the last 2 days. I have dirbusted the heck out of the web directory and see multiple things in some of “some folders” . I do see a few of the files in one of the folders has some unknown formatting within them, however, i’m not able to tell how these maybe encoded/formatted. As i think these are the key to getting initial shell or access, can someone point me in the right direction? The other items I see in there seem to be red herrings

Thanks

Yes the files you mention are indeed keys for further going into the box. Enumerate better and read everything closely. You will find things that will help you find the way in.

use dirbuster, then check carefully some dirs

ended up getting some info to get on to the next step