Possibly Related Threads…

UVB76 · Nov 18, 2024, 11:57 PM

Constant broken ssh pipe errors man, hard to get this Chisel up and secure ffs.

ir0nman4l1f3 · Nov 19, 2024, 12:56 PM

Can anyone provide nudges for the following flags? I have access to the 200.a and 300.a AutomationX web apps using the creds found in the PDF, but not sure what is supposed to be done from here?

1. There is always another way
2. The secret is out!
3. The secret recipe.. Part 2
4. Who turned the heat up?!
5. The secret recipe.. Part 1
6. This didn't age well..
7. What a waste of good beer!

roboot · (This post was last modified: Dec 01, 2024, 06:36 PM by roboot.)

hi anyone help web01 me to rope rusty i don't found creds

UVB76 · Dec 04, 2024, 01:49 AM

Still encountering friggen broken pipe errors messing up any kind of persistence. Cannot tell still if this is design or something actually going on.

I am sure using Chisel etc is the way to tunnel further to find IPs on bacnet - any suggestions for this part?

(Have logged on to the SSH account using creds obtained)

a44857437 · Dec 04, 2024, 07:33 AM

(Dec 04, 2024, 01:49 AM)UVB76 Wrote: Still encountering friggen broken pipe errors messing up any kind of persistence. Cannot tell still if this is design or something actually going on.

I am sure using Chisel etc is the way to tunnel further to find IPs on bacnet - any suggestions for this part?

(Have logged on to the SSH account using creds obtained)

have you tried ligolo-ng? works better for me... run it as a background job with nohup

bl4ckf0xk · Dec 08, 2024, 06:58 AM

Anyone can give me a hint on How to escalate my privileges on DC. I have logins for two users. But I can't get Admin privileges from any of them.

roboot · Dec 15, 2024, 01:04 PM

(Dec 08, 2024, 06:58 AM)bl4ckf0xk Wrote: Anyone can give me a hint on How to escalate my privileges on DC. I have logins for two users. But I can't get Admin privileges from any of them.

look bloodhound and enumeration directory

bl4ckf0xk · (This post was last modified: Dec 17, 2024, 03:44 PM by bl4ckf0xk.)

For the PLC part how to find the PLC port. started in .14 but nmap scan shows 502 is closed and how to start the process of compromising it

UVB76 · Dec 18, 2024, 11:01 PM

(Dec 04, 2024, 07:33 AM)a44857437 Wrote:
(Dec 04, 2024, 01:49 AM)UVB76 Wrote: Still encountering friggen broken pipe errors messing up any kind of persistence. Cannot tell still if this is design or something actually going on.

I am sure using Chisel etc is the way to tunnel further to find IPs on bacnet - any suggestions for this part?

(Have logged on to the SSH account using creds obtained)

have you tried ligolo-ng? works better for me... run it as a background job with nohup

Will give this a try - thank you!

Sqweez · Dec 20, 2024, 04:57 AM

Guys, i need help please. I have no idea how to do eternal blue to EW through proxy. Can someone give me a hint how to do it?

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	87	7,971	1 hour ago Last Post: char0n1507
	[FREE] HackTheBox All Cheatsheets	Tamarisk	9	563	1 hour ago Last Post: char0n1507
	CBBH Write Ups	hiddenhacker	23	6,341	2 hours ago Last Post: somecrazykid
	[FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags	Techtom	26	2,796	2 hours ago Last Post: Neuromanc3r
	[FREE] CPTS 12 FLAGS	pulsebreaker	72	2,219	4 hours ago Last Post: coolguyaroundyou