Curling

Comments

  • Got the user.txt and root.txt
    but does the root.txt permission have anything wrong?

  • Hey guys, curling is my first ever CTF attempt... I've managed to fumble my way into user and can see the a-a folder everyone is talking about. Can also see the files being accessed... but not sure where to go from there. Can someone please PM me with a nudge in the right direction?

  • edited December 2018

    Finally got root flag, but I cannot figure out how to get a root shell.

    EDIT: I must just have the syntax wrong. I can get what I want from the user shell to spawn a reverse user shell, but I cannot get the same result using input. If I am on the right track, please PM me.

    n00b

  • Can anyone help me? Currently stuck at a****-ar**, and managed to see the command in the processes. Tried looking at the man for c**L but still didn't get it

  • Hey, I found an interesting file s*****.txt on inspect element but didn't get a clue for the username to log in to the Joomla admin. Can anyone give me a clue? I tried to create a username wordlist but didn't succeed in logging in to the admin page.

  • edited December 2018

    Can somebody help me with final stage, I just need right syntax to get my file (output of file of course) :)

    Edit: rooted, nevermind... :)

    Arrexel

    |OSCP|OSCE|

  • @blackcat said:
    Hey, I found an interesting file s*****.txt on inspect element but didn't get a clue for the username to log in to the Joomla admin. Can anyone give me a clue? I tried to create a username wordlist but didn't succeed in logging in to the admin page.

    Read....The.....articles! This will give you what you are looking for 100% Good Luck!

  • Thanks for all you guys' help and hints, really appreciate it :) deda1mraz thanks to you bro and GDX :)

  • Ladies and Gents, I achieved USER Sh*** yesterday and I feel that I am close to root but I am just missing something. Any helpful input based on that would be totes amazing lol!

  • edited December 2018

    Got it!

    Grabbed the user flag but got stuck going for root. A helpful tip from GDX confirmed I was on the right path and gave me what I needed to see the full picture and make it work.

    Thanks :)

  • I got the user.txt file but am stuck on escalating myself onto Root. This is my first machine, after reading hints about processes, I have no clue. Anyone willing to provide me a tip via PM?

  • Can someone provide me a nudge on how to get root? I know if I change something it affects another thing, but I cannot make it work to read root. Any nudge pleaseeee

    dplastico
    OSCP-OSCE

  • I tried to upload a .php file after making changes in the allowed extensions but am still unable to upload the .php file. Am I doing anything wrong?

  • finally got the shell............

  • edited December 2018

    I still don't get how to make c*** read files :scream: a nudge someone!

    edit: GOT IT! thanks for the clue @jkr

    dplastico
    OSCP-OSCE

  • edited December 2018

    Yup, as a noob, can someone help me to create a reverse shell? Cause I tried everywhere and now I don't know what options I have...

    Edit : Reverse Shell is ok now!

  • Can anyone give a hint for root? Got stuck in the a-a folder.

  • > @SPENCERTT said:
    > Can anyone give a hint for root? Got stuck in the a-a folder.

    Honestly, the best hints are already on this thread. Any more would be a dead giveaway. If you need more than that, you will need to ask someone via PM.

    n00b

  • is s*****.txt just to mock you?

  • @zinhart said:
    is s*****.txt just to mock you?

    Nope! I'd continue to figure out what's in the txt file :)

  • I already curl'd it in the last comment and it seems to be a hash, clues on what I might do with it?

  • edited December 2018

    Just got super user and the credentials were very upsetting, makes you want to pull your hair out. The only thing that makes me feel marginally better is defacing the website.
    Is this why people seem to hate CTF?

  • edited December 2018

    Any tips on privesc out of www-****?
    Edit
    Just got user, although I am interested in how folks got root.txt before they got user.txt

    In my attempt from my r****** sh*** I tried c*** and nc to put a backdoor with on user ww******. Rather than a restricted shell, it seems like the user group is at play blocking write privs so to me you bypassed/edited the user group config? Would like pm's on this subject.

  • Yesterday I was able to get the shell, but today when I tried to reproduce the same thing I was unable to do so. Need some guidance here.

  • edited December 2018

    I don't know what to do with and a-a files...If someone has a hint!

  • Hello, I could use a hint for root.txt. PM appreciated. TY

  • edited December 2018

    Got root.txt but still have lingering thoughts/questions. My takeaway from this box is to not have a config file for a service running as root be writable by a non-root user.

    I'd like to know how people are getting a shell, but I still want to figure this out rather than be told,
    so my question is:
    what service is updating the ad-ar files?

    edit:
    I tried putting in the location of shell in the same format as root and got binary as output.
    Anyone care to explain in a PM?

  • @nate6268 said:
    Hello, I could use a hint for root.txt. PM appreciated. TY

    On the same boat.. unable to understand how to leverage the a-a area files to get root.txt

  • Stuck at p****_b****p. The magic number shows it as bz*. I decompress it and it still gives hexadecimal data. FILE $FILE says it's ASCII. Any nudges please
