08-17-2024, 10:35 PM
|
[HTB] Lantern
by RedTeamer - Saturday August 17, 2024 at 10:14 AM
|
|
08-17-2024, 10:37 PM
Ban reason:
Asking for rep is not allowed (Permanent)
08-17-2024, 10:38 PM
08-17-2024, 10:42 PM
Identified a path
/home/tomas/LanternAdmin/bin/Debug/net6.0/LanternAdmin.dllI tried to download it through the aforementioned path traversal or loading that module via the admin panel, but neither worked for me
08-17-2024, 10:46 PM
i'm trying to read FileUpload.dll - maybe there is a way to upload file not to static/images
(08-17-2024, 10:42 PM)carbonzillioxide Wrote: Identified a path from path traversal it can't be done because www-data doesn't have rights to /home/tomas
08-17-2024, 11:01 PM
(08-17-2024, 10:48 PM)jsvensson Wrote: i'm trying to read FileUpload.dll - maybe there is a way to upload file not to static/images Datadb is probably with the binary. But then, that server is run by tomas, so www-data shouldnt have access to data.db either way.
08-17-2024, 11:04 PM
use path traversal for shell..
Ban reason: Leeching | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect. (Permanent)
08-17-2024, 11:05 PM
Ban reason:
Asking for rep is not allowed (Permanent)
08-17-2024, 11:05 PM
can we have sqli so then we can run shell command using sqlite's .shell utility
|
|
« Next Oldest | Next Newest »
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired | 360 | 88,710 |
03-28-2026, 09:28 AM Last Post: |
||
| [FREE] HTB-ProLabs APTLABS Just Flags | 23 | 2,348 |
03-28-2026, 03:30 AM Last Post: |
||
| [MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot | 87 | 7,490 |
03-27-2026, 07:22 PM Last Post: |
||
| HTB Eloquia User and Root Flags - Insane Box | 13 | 350 |
03-27-2026, 06:14 PM Last Post: |
||
| HTB - ALL Challenges you Stuck in | 2 | 646 |
03-27-2026, 04:24 PM Last Post: |
||