Return to forum
Carpediem - HTB [Discussion]
by - Thursday, January 1, 1970 at 12:00 AM
Advanced User
Advanced
Posts: 56
Threads: 0
Joined: N/A
Reputation: 1

#51
June 26, 2022 at 8:02 AM
Used Chisel to forward to .2:443, which has a mostly functioning https page (backdrop.carpediem), with yet another login page. I wasn't able to get to the page with backdrop.carpediem.htb:443 or https://backdrop.carpediem.htb. It only seems to be accessible internally. May be worth checking out.
Reply
Hellfire
GOD
Posts: 104
Threads: 0
Joined: N/A
Reputation: 32

#52
June 26, 2022 at 8:56 AM
there're so much things in this Box but all are straight forward that's why it's Hard else it will be Insane Box
Reply
Advanced User
Advanced
Posts: 57
Threads: 0
Joined: N/A
Reputation: 32

#53
June 26, 2022 at 12:01 PM
How tf am I supposed to listen to the voicemail through VOIP
Reply
Hellfire
GOD
Posts: 104
Threads: 0
Joined: N/A
Reputation: 32

#54
June 26, 2022 at 12:11 PM
(June 26, 2022, 12:01 PM)Erik Wrote: How tf am I supposed to listen to the voicemail through VOIP


call 911 :kappa:
Reply
Member
Member
Posts: 17
Threads: 0
Joined: N/A
Reputation: 0

#55
June 26, 2022 at 12:35 PM
(June 26, 2022, 12:01 PM)Erik Wrote: How tf am I supposed to listen to the voicemail through VOIP


I found SIP on port 5060 udp and it seems vulnerable.
trying bruteforcing usernames but no luck.
any progress?
Reply
Advanced User
Advanced
Posts: 57
Threads: 0
Joined: N/A
Reputation: 32

#56
June 26, 2022 at 12:39 PM
Gotta love the pwnbox not allowing you to hear anything, really useful for this box
Reply
Advanced User
Advanced
Posts: 57
Threads: 0
Joined: N/A
Reputation: 32

#57
June 26, 2022 at 12:48 PM
(June 26, 2022, 12:45 PM)Internetdreams Wrote:
(June 26, 2022, 12:39 PM)Erik Wrote: Gotta love the pwnbox not allowing you to hear anything, really useful for this box


Redirect it to a file and download it


Mind telling me how to do it ? Most options on the software are disabled
Reply
Elite User
Elite
Posts: 132
Threads: 0
Joined: N/A
Reputation: 5

#58
June 26, 2022 at 12:56 PM
https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?
$2b$10$CSRmXjH/psp9DdPmVjEYLOUEkgD7x8ax1S1yks4CTrbV6bfgBFXqW
$2b$10$nNoQGPes116eTUUl/3C8keEwZAeCfHCmX1t.yA1X3944WB2F.z2GK
$2b$10$imwoLPu0Au8LjNr08GXGy.xk/Exyr9PhKYk1lC/sKAfMFd5i3HrmS
$2b$10$n4yEOTLGA0SuQ.o0CbFbsex3pu2wYr924cKDaZgLKFH81Wbq7d9Pq
$2b$10$qZ64GjhVYetulM.dqt73zOV8IjlKYKtM/NjKPS1PB0rUcBMkKq0s.
Reply
Advanced User
Advanced
Posts: 57
Threads: 0
Joined: N/A
Reputation: 32

#59
June 26, 2022 at 2:02 PM
(June 26, 2022, 12:11 PM)hacker1111 Wrote:
(June 26, 2022, 12:01 PM)Erik Wrote: How tf am I supposed to listen to the voicemail through VOIP


call 911 :kappa:


Is the priv esc about tcpdump ?
Reply
Member
Member
Posts: 20
Threads: 0
Joined: N/A
Reputation: 9

#60
June 26, 2022 at 2:26 PM
(June 26, 2022, 12:56 PM)fironeDerbert Wrote: https://backdrop.carpediem.htb
=> valid User: jpardella
=> Email: jpardella.carpediem.htb

Does someone know what are the hash types for trudesk ?
$2b$10$CSRmXjH/psp9DdPmVjEYLOUEkgD7x8ax1S1yks4CTrbV6bfgBFXqW
$2b$10$nNoQGPes116eTUUl/3C8keEwZAeCfHCmX1t.yA1X3944WB2F.z2GK
$2b$10$imwoLPu0Au8LjNr08GXGy.xk/Exyr9PhKYk1lC/sKAfMFd5i3HrmS
$2b$10$n4yEOTLGA0SuQ.o0CbFbsex3pu2wYr924cKDaZgLKFH81Wbq7d9Pq
$2b$10$qZ64GjhVYetulM.dqt73zOV8IjlKYKtM/NjKPS1PB0rUcBMkKq0s.


The passwords are hashed in Bcrypt, don't try to crack them, try updating the password for the user with most privileges trough MongoDB (using mongosh and chisel)
Reply


 Users viewing this thread: Carpediem - HTB [Discussion]: No users currently viewing.