[HTB] Lantern
by RedTeamer - Saturday August 17, 2024 at 10:14 AM
Banned

Posts: 200
Threads: 14
Joined: Apr 2024
Reputation: 17

#51
08-17-2024, 11:06 PM
(08-17-2024, 11:05 PM)Anaunimans Wrote: can we have sqli so then we can run shell command using sqlite's .shell utility
U found sqli? Sometimes we can get rce
Ban reason:
Asking for rep is not allowed (Permanent)
Reply
RaidForums
Member
Posts: 11
Threads: 0
Joined: Jul 2024
Reputation: 0

#52
08-17-2024, 11:12 PM
(08-17-2024, 11:05 PM)Anaunimans Wrote: can we have sqli so then we can run shell command using sqlite's .shell utility

Is there even input hitting sqlite? not from :3000 anyways
Reply
RaidForums
Member
Posts: 13
Threads: 0
Joined: Feb 2024
Reputation: 0

#53
08-17-2024, 11:13 PM
(08-17-2024, 11:12 PM)drunkp Wrote:
(08-17-2024, 11:05 PM)Anaunimans Wrote: can we have sqli so then we can run shell command using sqlite's .shell utility

Is there even input hitting sqlite? not from :3000 anyways

thats what we need to hunt , might need to use ssrf on 5000
Reply
Banned

Posts: 36
Threads: 0
Joined: Apr 2024
Reputation: 1

#54
08-17-2024, 11:23 PM
Hint for root? Not used to procmon on linux..

I'm thinking about smth like https://bordplate.no/presentations/findi...rocmon.pdf
Ban reason: Leeching | http://raiddfzn73ir6iyxlf7nwytnujiflddog...an-Appeals if you feel this is incorrect. (Permanent)
Reply
RaidForums
Member
Posts: 4
Threads: 0
Joined: Aug 2024
Reputation: 0

#55
08-17-2024, 11:24 PM
Anyone got anything useful out of this file: _framework/InternaLantern.pdb?
Reply
RaidForums
Member
Posts: 18
Threads: 0
Joined: Jul 2023
Reputation: 0

#56
08-17-2024, 11:26 PM
(08-17-2024, 11:23 PM)nomx1337 Wrote: Hint for root? Not used to procmon on linux..

I'm thinking about smth like https://bordplate.no/presentations/findi...rocmon.pdf

Could you give hint about LFI to reverse shell ?
Reply
Banned

Posts: 36
Threads: 0
Joined: Apr 2024
Reputation: 1

#57
08-17-2024, 11:32 PM
lfi to read a component, decompile and recompile it with your shell, then upload it
Ban reason: Leeching | http://raiddfzn73ir6iyxlf7nwytnujiflddog...an-Appeals if you feel this is incorrect. (Permanent)
Reply
RaidForums
Member
Posts: 11
Threads: 0
Joined: Jul 2024
Reputation: 0

#58
08-17-2024, 11:34 PM
(08-17-2024, 11:32 PM)nomx1337 Wrote: lfi to read a component, decompile and recompile it with your shell, then upload it

that sounds... painful
Reply
RaidForums
Member
Posts: 18
Threads: 0
Joined: Jul 2023
Reputation: 0

#59
08-17-2024, 11:35 PM
Upload in avatar or in vacancies sir ?
Reply
RaidForums
Member
Posts: 11
Threads: 0
Joined: Jul 2024
Reputation: 0

#60
08-17-2024, 11:39 PM
(08-17-2024, 11:35 PM)sodanger123 Wrote: Upload in avatar or in vacancies sir ?

loader is also vulnareable to path traversal it seems
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [FREE] 300+ Writeups PDF HackTheBox/HTB premium retired Tamarisk 360 88,710 03-28-2026, 09:28 AM
Last Post: catsweet
  [FREE] HTB-ProLabs APTLABS Just Flags kewlsunny 23 2,348 03-28-2026, 03:30 AM
Last Post: lulaladrow
  [MEGALEAK] HackTheBox ProLabs, Fortress, Endgame - Alchemy, 250 Flags, leak htb-bot htb-bot 87 7,490 03-27-2026, 07:22 PM
Last Post: stn
  HTB Eloquia User and Root Flags - Insane Box 69646B 13 350 03-27-2026, 06:14 PM
Last Post: vlxw
  HTB - ALL Challenges you Stuck in osamy7593 2 646 03-27-2026, 04:24 PM
Last Post: catsweet



 Users browsing this thread: 1 Guest(s)