Posts: 216
Threads: 42
Joined: Nov 2024
Feb 01, 2025, 02:47 PM
(This post was last modified: Feb 02, 2025, 05:46 AM by RedBlock.
Edit Reason: Added quick user and root.
)
One more box to enjoy
This one is gonna be medium box.
Author's github repo:
https://github.com/FisMatHack
1. user.txt
ssh axel@10.10.XX.XX
pass: aNdZwgC4tI9gnVXv_e3Q
2. root.txt
axel@cat:~$ su root
pass: IKw75eR0MR7CMIxhH0
Posts: 50
Threads: 0
Joined: Jan 2025
Intersting mate thx This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Posts: 19
Threads: 1
Joined: Jun 2024
(Feb 01, 2025, 02:47 PM)LostGem Wrote: One more box to enjoy
This one is gonna be medium box.
Author's github repo:
https://github.com/FisMatHack
BackDropCMS does have an authenticated RCE, so I wonder if that'll be the topic for initial access combined with that repo in his GitHub. Just in case anyone wants to have it on hand: https://www.exploit-db.com/exploits/52021
Posts: 216
Threads: 42
Joined: Nov 2024
(Feb 01, 2025, 06:05 PM)ShitWhiffler Wrote: (Feb 01, 2025, 02:47 PM)LostGem Wrote: One more box to enjoy
This one is gonna be medium box.
Author's github repo:
https://github.com/FisMatHack
BackDropCMS does have an authenticated RCE, so I wonder if that'll be the topic for initial access combined with that repo in his GitHub. Just in case anyone wants to have it on hand: https://www.exploit-db.com/exploits/52021 Yeah it might be the way, let's see.
Posts: 15
Threads: 0
Joined: Jan 2025
Feb 01, 2025, 06:43 PM
(This post was last modified: Feb 01, 2025, 06:44 PM by saul.)
(Feb 01, 2025, 02:47 PM)LostGem Wrote: One more box to enjoy
This one is gonna be medium box.
Author's github repo:
https://github.com/FisMatHack
Thanks for sharing friend!
Posts: 216
Threads: 42
Joined: Nov 2024
Posts: 5
Threads: 0
Joined: Jul 2024
Feb 01, 2025, 07:20 PM
(This post was last modified: Feb 01, 2025, 07:21 PM by oahofat.)
cat admin.php
<?php
session_start();
include 'config.php';
// Check if the user is logged in
if (!isset($_SESSION['username']) || $_SESSION['username'] !== 'axel') {
header("Location: /join.php");
exit();
}
Posts: 196
Threads: 31
Joined: Apr 2024
http://cat.htb/.git/config
its forbidden but you can still use git dumper
Posts: 24
Threads: 0
Joined: Dec 2023
Feb 01, 2025, 07:21 PM
(This post was last modified: Feb 01, 2025, 07:23 PM by Globules.)
axel2017@ Gmail.com
axel
backup emeil for google account : axe••••••@ hotmail.fr
Posts: 39
Threads: 2
Joined: Oct 2024
(Feb 01, 2025, 07:20 PM)oahofat Wrote: cat admin.php
<?php
session_start();
include 'config.php';
// Check if the user is logged in
if (!isset($_SESSION['username']) || $_SESSION['username'] !== 'axel') {
header("Location: /join.php");
exit();
}
how you got this
|
