Return to forum

gorilla · August 7, 2022 at 10:05 PM

Thanks for info

c0d3r · August 7, 2022 at 10:06 PM

whats up with the reply?

opdl · August 7, 2022 at 10:14 PM

(August 7, 2022, 09:01 PM)Exa Wrote:
(August 7, 2022, 08:59 PM)opdl Wrote:
(August 7, 2022, 08:53 PM)Exa Wrote: I changed admin's password in wp_users. However, I found this step is not necessary. After logging into wp-admin, I opened PWDMS > Passwords. However, it got me a 404.

As @yournamehere explained, read out the ciphertext and the encryption key from the database. Then copy encryption.php to your local machine and use the decrypt function().

OK and where you find the file encryption.php please ?

Search under /opt/site.new

Thank you. I found the ciphertext and the iv, but not the key. I'm sorry I'm not good at crypto

MrNiko · August 7, 2022 at 10:22 PM

(August 7, 2022, 08:41 PM)loge23 Wrote:
(August 7, 2022, 08:17 PM)fukingfuck Wrote: Hate bruteforce based boxes. ill wait till someone post vdi pass =)

c3

hmmmmmm

omnik · August 7, 2022 at 10:28 PM

thanks

cloud9 · August 7, 2022 at 11:22 PM

(August 7, 2022, 08:41 PM)loge23 Wrote:
(August 7, 2022, 08:17 PM)fukingfuck Wrote: Hate bruteforce based boxes. ill wait till someone post vdi pass =)

c3

ty

B0b_4l1s · August 8, 2022 at 12:20 AM

(August 7, 2022, 08:41 PM)loge23 Wrote:
(August 7, 2022, 08:17 PM)fukingfuck Wrote: Hate bruteforce based boxes. ill wait till someone post vdi pass =)

c3

icecoder · August 8, 2022 at 1:39 AM

:heart:

lalatss · August 8, 2022 at 1:43 AM

thanks

skyweasel · August 8, 2022 at 3:44 AM

(August 7, 2022, 02:45 AM)yumi Wrote: upload a pdf you alredy found on server.
upload and with burp change content from PDF to you php reverse shell.

after that access http://moderators.htb/logs/uploads/shell.pdf.php

So, I get caught on Content-Type if its changed away, but if I leave it, I get 500 HTTP server error.
If I leave it alone, then it doesn't execute. Have tried basic SYSTEM calls, tried full rev shells etc.
fkn weird