RedPanda - HTB [Discussion]
Is it possible to escalate with UDF?
Reply
what is /opt/credit-score/LogParser/final/target for?
Reply
(July 9, 2022, 10:05 PM)mimikatz Wrote: what is /opt/credit-score/LogParser/final/target for?


idk, I looked in that folder but I can't change files in that folder. Hijack path maybe?
Reply
(July 9, 2022, 09:59 PM)Erik Wrote:
(July 9, 2022, 09:42 PM)mceye Wrote: cat /opt/panda_search/src/main/java/com/panda_search/htb/panda_search/MainController.java


Is the key to root really there or were you just throwing that out as a maybe kinda thing? Cause apart from the database, which doesn't contain anything relevant, the rest is just the website.


It is for user, to get the credentials for user.
Reply
In root we have /credits, are they somehow related?
Reply
(July 9, 2022, 10:06 PM)mimikatz Wrote: In root we have /credits, are they somehow related?


Idk, I thought /credits was related to the websites, users can get some credits iirc if people vote for their picture or something like that
Reply
(July 9, 2022, 09:36 PM)nhocit Wrote:
(July 9, 2022, 08:55 PM)yumi Wrote:
(July 9, 2022, 08:53 PM)quick443 Wrote: Someone gives me a hand? only respond server error 500


GitHub - VikasVarshney/ssti-payload: SSTI Payload Generator


Did u get the rev shell? Just use a proper payload!
https://www.revshells.com/ --> Use this!


yes I'm in.. trying to find a way to escalate to root
Reply
(July 9, 2022, 10:08 PM)Erik Wrote:
(July 9, 2022, 10:06 PM)mimikatz Wrote: In root we have /credits, are they somehow related?


Idk, I thought /credits was related to the websites, users can get some credits iirc if people vote for their picture or something like that


Oh good point
Reply
(July 9, 2022, 10:08 PM)mimikatz Wrote:
(July 9, 2022, 10:08 PM)Erik Wrote:
(July 9, 2022, 10:06 PM)mimikatz Wrote: In root we have /credits, are they somehow related?


Idk, I thought /credits was related to the websites, users can get some credits iirc if people vote for their picture or something like that


Oh good point


running pspy confirms that they are related
Reply
I've been looking at priv esc with jjs, like this kind of stuff: https://snowscan.io/htb-writeup-mango/#
Tried playing with other Java funcs without success, I'm back to looking at source code.
Linpeas detected some scripts that were in the path, gettext.sh and rescan-scsi-bus.sh, but they seem legit.
Reply

