Hi, I have exploited the thing and got RCE, but I cannot find a way to upgrade to a full shell with nc. When i try to get shell with netcat i saw ‘connection timeout=3’ error on results. Any help will be very good.
i find username and password but i cant access the manager , what happen ?
got user and found the script, completed the ‘challenge’ but the next script it tries to run is not found. Completely stuck!
nevermind, got root!
Totally in front of the wall.
I did enumération, nmap, dirb, and nikto but nothing…
I’ve also find some idea for exploit but it’s not working.
I’ve no idea of what to do…
Got RCE found a few creds to what seems like nothing lol a hint on what to do after rce… can’t seem to get a proper shell back. but I’ve been reading the file system and finding a lot of rabbit holes. A tip would be nice
@snowyDEN said:
Got RCE found a few creds to what seems like nothing lol a hint on what to do after rce… can’t seem to get a proper shell back. but I’ve been reading the file system and finding a lot of rabbit holes. A tip would be nice
Same here, a nudge would be appreciated.
If you have RCE you can reverse shell it… I didn’t manage to find the entry point yet. I am still enumerating and searching in a specific file that I manage to download
Is anyone else having trouble taking ACTION and running the appropriate exploit for a reverse shell? I can’t seem to get it to work correctly.
Looking for an entry point still can’t seem to find what I need. Found a file to download and went through it but still nothing. Need a nudge.
@zyaya said:
If you have RCE you can reverse shell it… I didn’t manage to find the entry point yet. I am still enumerating and searching in a specific file that I manage to download
Yeah, need to revisit methodology. I can get a shell returned but it dies can’t seem to handle std out. I’ll try more later. Oh if you get send me a hint. Thanks.
@NINGEN said:
Is anyone else having trouble taking ACTION and running the appropriate exploit for a reverse shell? I can’t seem to get it to work correctly.
Try use Burp as proxy. Strato seems to have some problems with communication (cant say if it is intended).
@h4x3r said:
HelloWorld make some Action please
The action you’re talking about is the one that allows you RCE? Because I still get a 4bidden response…
@iswearimnotalu said:
@h4x3r said:
HelloWorld make some Action pleaseThe action you’re talking about is the one that allows you RCE? Because I still get a 4bidden response…
try changing few things using burp
Nvm, I found out! A ■■■■ ■■■■■■■ path to find, I’d say…
@uck084 said:
I found a username and password, which supposed to login to management Web based GUI , but it doesn’t work and I have no clue what prevents my login! Please PM me if anyone get what I mean and wanna give some clue.
in the same boat, solved yet?
@iswearimnotalu said:
Nvm, I found out! A ■■■■ ■■■■■■■ path to find, I’d say…
Hi, any hint on how to discover that path? Have been banging my head on this for a while. Have been fuzzing for “actions” without success.
stuck with RCE , same as others , many rabbit holes , and i have nothing .
Guyz please gimme some clue about Blake2 I am stucked on it. At least just tell me is it the way or just a rabbit hole
Spoiler Removed - Arrexel