Wall

@mewt Try using software like w**** against the a** with the user you found.

Stuck with shell and w*-d* user, can someone please DM me any hint?

ROOTED finally!

CVE for c******* isn’t working anymore, can anyone PM me telling where to get the p****r token?

Edit: never mind got a shell.

Rooted.
pm if you need a nudge

You don’t have permission to access /c*******/main.***.php on this server.

I got this error when exploiting the machine
Any hint

@ghost5egy said:

You don’t have permission to access /c*******/main.***.php on this server.

I got this error when exploiting the machine
Any hint

you probably need to login first to see this page.

Rooted. Initial shell was a ■■■■■. After kicking myself in the ■■■, user and root were simple. Just enumerate. Stick to the basics after you get that ■■■■■ of a shell. DM me for if you need a nudge.

@Franna the exploit logged in before exploiting the bug

Finally I got the password cred, such a painful part for me.
Don’t listen to those who say that the password must be in the first 50 of the list or similar; the login is easy, but with the basic wordlist of Kali Linux you will take a long time.
I used another list.

DM me if you want help

Seems the box breaks if someone tries a payload with “0>&1”

Unable to reset @askar

Hi guys, I have managed to find the C******** page and got the login details. Moved on to the RCE exploit; I have made the script not complain anymore but don’t get a shell when it looks like it successfully runs. I tried multiple methods of rev shell but it still doesn’t work. Can anybody assist?

Rooted. Almost every step needed some massaging to work, but at least root was simple. If you’re having trouble with the exploit script, I would recommend modifying it to spit out the output of the request, just to confirm some things.

Feel free to PM for nudge.

Rooted!

If you need help you can send me a PM!

Hey. My first box here. I found the m********* page but can’t seem to get the creds right even after all the teachers and verbs hints. Anyone able to help? Feel free to PM me if you are available.

I’m stuck…

I modified the CVE script, but no matter what, I get a bad session in the end, even with the payload returning 200. (Or is this the right behavior?)

I read the CVE explanation from the author, tried to exploit manually through the UI, but i always get redirected to index.php after login, with 403 code.

I gave a shot at the a**, but the authentication also returns 403 Forbidden.

I don’t know what else to try… need some help!

I was just being dumb, I thought I had the right credentials… Everything works now.

So I am running the modified CVE and can get a 200 status code back instead of 403. The data gets inserted where I expect it… not sure where to go from here as I can’t get anything sent to a netcat session.

Trying nmap and dirb did not get valid information, should I increase enumeration?

root@Wall:/#

Perfect Box for me.

Foothold:
Why enumerate with dirb?
Enumerate the creator :wink:
No need for bruteforce; the credentials are basic af.

Tip: teacher hints were not helpful for me at all.

User: If the exploit doesn’t work… maybe try triggering the service directly without any exploit…

Root: Crack the ‘screen’ already.

As always if spoiled too much remove this :slight_smile:

Feel free to pm.

Thanks to @rholas for the hints