HTB CozyHosting Help
by pokemon6969 - Sunday September 3, 2023 at 07:43 PM
#1
I need help. I did the initial scan and got as far as the Whitelabel Error Page. I do not know how to exploit it from here onwards. Someone help me.

Nmap scan report for 10.10.11.230
Host is up (0.49s latency).
Not shown: 997 closed tcp ports (reset)
PORT      STATE SERVICE VERSION
22/tcp    open  ssh    OpenSSH 8.9p1 Ubuntu 3ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
|  256 43:56:bc:a7:f2:ec:46:dd:c1:0f:83:30:4c:2c:aa:a8 (ECDSA)
|_  256 6f:7a:6c:3f:a6:8d:e2:75:95:d4:7b:71:ac:4f:7e:42 (ED25519)
80/tcp    open  http    nginx 1.18.0 (Ubuntu)
|_http-server-header: nginx/1.18.0 (Ubuntu)
|_http-title: Did not follow redirect to http://cozyhosting.htb
#2
Not exploiting the error. Google the error to find the Boot framework, use a special wordlist for enumerating the framework.
#3
(Sep 03, 2023, 07:43 PM)pokemon6969 Wrote: I need help. I did the initial scan and got as far as the Whitelabel Error Page. I do not know how to exploit it from here onwards. Someone help me.


PM me...

#4
PM if you need help, but the error page should give it all away.
#5
You should get the cookie.
#6
Hi everybody. I cannot get the /admin page; I got the cookie (JSESSIONID) of user kanderson and reloaded some pages with it - no result. Please, any hint? Thanks in advance.
#7
(Sep 04, 2023, 12:00 AM)monkeythefirst Wrote: Hi everybody. I cannot get the /admin page; I got the cookie (JSESSIONID) of user kanderson and reloaded some pages with it - no result. Please, any hint? Thanks in advance.

You just need to edit your current cookie and refresh the webpage. (Your cookie should now be the kanderson cookie that you found on that endpoint.)
#8
(Sep 04, 2023, 12:45 AM)SONIC Wrote:
(Sep 04, 2023, 12:35 AM)guacadmin Wrote:
(Sep 04, 2023, 12:00 AM)monkeythefirst Wrote: Hi everybody. I cannot get the /admin page; I got the cookie (JSESSIONID) of user kanderson and reloaded some pages with it - no result. Please, any hint? Thanks in advance.

You just need to edit your current cookie and refresh the webpage. (Your cookie should now be the kanderson cookie that you found on that endpoint.)

Can you provide the commands?

You can do it with Burp Suite.
#9
Need help on getting user. I am currently in a shell as app. No clue what to do next. Thank you!
#10
(Sep 04, 2023, 12:49 AM)creativethinking2111 Wrote: Need help on getting user. I am currently in a shell as app. No clue what to do next. Thank you!

Look for PostgreSQL.

