Possibly Related Threads…

0xb137c88eb5 · Aug 25, 2023, 01:24 AM

Any nudge for "method" payload escaping? Tried a lot of payloads, have no idea now

nonameokie · Aug 25, 2023, 01:57 PM

Anyone has john's creds? please share PM or reply

Liliye · Aug 25, 2023, 02:20 PM

does anyone have john creds, pls PM, have tried a lot but every attempt failed plss

admin123 · Aug 25, 2023, 08:17 PM

(Aug 25, 2023, 01:24 AM)0xb137c88eb5 Wrote: Any nudge for "method" payload escaping? Tried a lot of payloads, have no idea now

for special symbols escaper try this one -> https://onlinestringtools.com/escape-string

0xb137c88eb5 · Aug 26, 2023, 03:56 PM

Can someone share root compose.yml file? Will gift the rank for that hero Heart

lnf02 · (This post was last modified: Aug 26, 2023, 06:11 PM by lnf02.)

(Aug 26, 2023, 03:56 PM)0xb137c88eb5 Wrote: Can someone share root compose.yml file? Will gift the rank for that hero

It's quite simple, the python script checks for some common "flags/options" on docker containers to avoid LPE with docker.
But it's missing some parts...
You have 2 options to make it to root with docker-compose.
- Option 1:

Hidden Content

You must register or login to view this content.

And rooted!

Resource where you can get more information about:
https://docs.docker.com/compose/compose-...e-file-v3/

Cheers! Don't be an script kiddie! Understand the vulnerabilities, then exploit them!

Edit: the code it's not php, but otherwise the format would be fucked up...

fraudster · Aug 26, 2023, 06:30 PM

(Aug 19, 2023, 08:16 PM)hooneyman Wrote: I'm Starting with Cybermonday #hard machine... we can to put our hints here for help.

22/tcp open ssh syn-ack ttl 63
80/tcp open http syn-ack ttl 62

in cybermonday.htb/.htacess

<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>

RewriteEngine On

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]

# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

But i think right path is injecting SQL or working with LARAVEL.. i got some errors with laravel console.

ooh intresting

Tinfoil8124 · Aug 28, 2023, 09:15 AM

this can help me somuch

Addka72424 · Oct 02, 2023, 09:08 AM

The last non-spam response in the topic was more than a month ago. I close the topic as irrelevant to prevent spam. If this is not the case, please send a pm and I will open the topic for discussion again.

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[FREE] HackTheBox Dante - complete writeup written by Tamarisk	Tamarisk	602	92,016	Yesterday, 06:48 PM Last Post: sabero_exe
	[FREE] CPTS 12 FLAGS	pulsebreaker	68	1,998	Yesterday, 09:54 AM Last Post: VictorPipeau
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	371	93,053	Yesterday, 08:48 AM Last Post: phannguyenbaouy1
	[FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags	Techtom	21	2,642	Yesterday, 05:08 AM Last Post: popoler
	Hack the box Pro Labs, VIP, VIP+ 1 month free Method	RedBlock	23	2,292	Apr 30, 2026, 02:10 PM Last Post: kkkato