Return to forum
Derailed - HTB [Discussion]
by - Thursday, January 1, 1970 at 12:00 AM
BreachForums User
VIP
Posts: 213
Threads: 0
Joined: N/A
Reputation: 56

#1
November 19, 2022 at 7:07 PM
PORT     STATE SERVICE
22/tcp   open  ssh
3000/tcp open  ppp
Reply
Member
Member
Posts: 2
Threads: 0
Joined: N/A
Reputation: 0

#2
November 19, 2022 at 7:21 PM
[php]# /rails/info/properties

Rails version 6.1.6
Ruby version ruby 2.7.2p137 (2020-10-01 revision 5445e04352) [x86_64-linux]
RubyGems version 3.1.4
Rack version 2.2.3
Middleware
Webpacker::DevServerProxy
ActionDispatch::HostAuthorization
Rack::Sendfile
ActionDispatch::Static
ActionDispatch::Executor
ActiveSupport::Cache::Strategy::LocalCache::Middleware
Rack::Runtime
Rack::MethodOverride
ActionDispatch::RequestId
ActionDispatch::RemoteIp
Sprockets::Rails::QuietAssets
Rails::Rack::Logger
ActionDispatch::ShowExceptions
ActionDispatch::ActionableExceptions
ActionDispatch::Reloader
ActionDispatch::Callbacks
ActiveRecord::Migration::CheckPending
ActionDispatch::Cookies
ActionDispatch::Session::CookieStore
ActionDispatch::Flash
ActionDispatch::ContentSecurityPolicy::Middleware
ActionDispatch::PermissionsPolicy::Middleware
Rack::Head
Rack::ConditionalGet
Rack::ETag
Rack::TempfileReaper
Application root /var/www/rails-app
Environment development
Database adapter sqlite3
Database schema version 20220529182601[/php]
Reply
BreachForums User
GOD
Posts: 4
Threads: 0
Joined: N/A
Reputation: 0

#3
November 19, 2022 at 7:53 PM
All the routes are in http://derailed.htb:3000/rails/info/routes

No need to fuzz this one.
Reply
Member
Member
Posts: 8
Threads: 0
Joined: N/A
Reputation: 0

#4
November 19, 2022 at 9:18 PM
anyone found a way to log in?
Reply
Member
Member
Posts: 7
Threads: 0
Joined: N/A
Reputation: 0

#5
November 19, 2022 at 9:23 PM
(November 19, 2022, 09:19 PM)Hacker2222 Wrote:
(November 19, 2022, 09:18 PM)bruhmoment236 Wrote: anyone found a way to log in?


register a user JAJAJA we just need to become admin prob with xss in report


stealling cookie?
Reply
BreachForums User
GOD
Posts: 861
Threads: 0
Joined: N/A
Reputation: 395

TwitterWeeabooShoutbox AddictLGBTQ+TransgenderVIP Gifter
#6
November 19, 2022 at 9:39 PM
No stealing cookies rubik lol
I have quit due to abuse from mods. I will be back some day
Reply
Member
Member
Posts: 13
Threads: 0
Joined: N/A
Reputation: 0

#7
November 19, 2022 at 9:42 PM
Any hints ?
Reply
Member
Member
Posts: 7
Threads: 0
Joined: N/A
Reputation: 0

#8
November 19, 2022 at 11:39 PM
I am lost, any help? I am trying ruby deserialization , but nothing yet!
Reply
Member
Member
Posts: 6
Threads: 0
Joined: N/A
Reputation: 5

#9
November 20, 2022 at 12:33 AM
(November 19, 2022, 11:39 PM)josh007 Wrote: I am lost, any help? I am trying ruby deserialization , but nothing yet!


not sure but prob xss with the report . cant get the payload to call back tho
Reply
Member
Member
Posts: 7
Threads: 0
Joined: N/A
Reputation: 0

#10
November 20, 2022 at 12:35 AM
(November 20, 2022, 12:33 AM)Hacker2222 Wrote:
(November 19, 2022, 11:39 PM)josh007 Wrote: I am lost, any help? I am trying ruby deserialization , but nothing yet!


not sure but prob xss with the report . cant get the payload to call back tho


I've tried to steel admin cookies but, but never receive them. now I am testing deserialization on page /report but the application crashed.
Reply


 Users viewing this thread: Derailed - HTB [Discussion]: No users currently viewing.