Mango

17810121323

Comments

  • @MrR3boot Thank you soo much for this box learned a lot and well you tested my patience so well to get the credentials :(

    Hints:-
    User:
    Enumerate Enumerate Enumerate :)
    once you found the page understand the technology behind it.
    --where would u store the user name and password?
    --does that storage has a name ?
    MANGO is a super hint :D

    write some code,exploit it and well you need to have little bit of python knowledge :)
    patience patience patience :D
    you got user and for
    Root:
    basic enumeration and little bit of GTFOBins and you have root :D

  • @AnonSimba said:
    @MrR3boot Thank you soo much for this box learned a lot and well you tested my patience so well to get the credentials :(

    Hints:-
    User:
    Enumerate Enumerate Enumerate :)
    once you found the page understand the technology behind it.
    --where would u store the user name and password?
    --does that storage has a name ?
    MANGO is a super hint :D

    write some code,exploit it and well you need to have little bit of python knowledge :)
    patience patience patience :D
    you got user and for
    Root:
    basic enumeration and little bit of GTFOBins and you have root :D

    Well Done :)

    MrR3boot
    Learn | Hack | Have Fun

  • edited November 2019

    So I just want to thank @MrR3boot for creating a box that was definitely a nice challenge for my first non-retired box. First time juicing the mangoes, and it was well worth the squeeze.

    Another thank you to @D3Fix, you have no idea how much your guidance helped along the way.

    This is what I have learned:
    User-
    1. Listen to the responses you get back, they will be the seed that allows you to grow that mango tree and squeeze it for all it's worth.
    2. Regex can be your friend and your foe.
    3. Take breaks, i think I went a little more grey from this box.

    Root-
    1. When going from one user to another, remember your god damn basic enum...2 hours... grrr
    2. Making it to root can seriously GTFO, for me nothing to user took all up probably 9 hours and from user to root took 10 minutes if that.

    But again, thanks for the fun challenge and introduction to active machines @MrR3boot. I will surely remember this one, and now mangoes aren't that scary.

    Spknoxy

  • @Spknoxy said:
    So I just want to thank @MrR3boot for creating a box that was definitely a nice challenge for my first non-retired box. First time juicing the mangoes, and it was well worth the squeeze.

    Another thank you to @D3Fix, you have no idea how much your guidance helped along the way.

    This is what I have learned:
    User-
    1. Listen to the responses you get back, they will be the seed that allows you to grow that mango tree and squeeze it for all it's worth.
    2. Regex can be your friend and your foe.
    3. Take breaks, i think I went a little more grey from this box.

    Root-
    1. When going from one user to another, remember your god damn basic enum...2 hours... grrr
    2. Making it to root can seriously GTFO, for me nothing to user took all up probably 9 hours and from user to root took 10 minutes if that.

    But again, thanks for the fun challenge and introduction to active machines @MrR3boot. I will surely remember this one, and now mangoes aren't that scary.

    Chuffed with your feedback. Thanks

    MrR3boot
    Learn | Hack | Have Fun

  • edited November 2019

    i could really use a nudge on initial foothold tried looking at the certificate and found a domain name which returns an error, tried brute forcing the pages for different links but no luck either.

    Can someone please point me in the right direction

    Edit:Found the login page,was able to to get credentials but not sure where i can use those tried 22 and login but no luck can anyone help me

  • It was pleasure to cope with this machine. I haven't known this type of fruit earlier, perhaps the climate is not sufficient for growing it in my area. I enjoyed that I needed to develop a script to get user access, and develop a simple program to provide root access.

    Thank machine maker for the challenge.

    bumika

  • rooted. Thank you @MrR3boot for the machine.
    I don't have to say any clues as all hints are already on this forum.

  • edited November 2019

    Rooted :) thanks to @olsv that single hint worked from mAngo to root ;)
    Feel free to ping me :)

  • Stuck on login page. Using repeater, but always respond the same... also found /h.....p which redirects. Any idea where to move? Bruteforce login password? found script to inject into nosql dbs.. but it doesnt work... i am stuck

  • > @protei300 said:
    > Stuck on login page. Using repeater, but always respond the same... also found /h.....p which redirects. Any idea where to move? Bruteforce login password? found script to inject into nosql dbs.. but it doesnt work... i am stuck

    I was stuck there for a long time as well. Make sure that the script uses the same method as when you try to login via the browser...
  • Got User, but stuck on root.... any hints?

  • Finally rooted. Thank you @MrR3boot for the machine. Was really interesting to hack into user... Root was straight forward if one have experience with priv escal... I dont so have learned quite a lot knew on both stages.

    Some hints on user:
    Script in the internet wont work out of the box... but it will give you idea. then just work with regex, and you cannot find all chars of password, but thats not a problem

  • I rooted mango yesterday, although I didn’t get the shell. I am still deciding if I liked the box or not.
    Guessing the technology was a pain and I only found out because of what others said on the forum. I guess this part makes it a real life machine since normally you don’t know the technology either.

    Are there any tools like sqlmap to detect these kind of technology? (Can someone pm me the answer?)

    Root was rather easy, the default enum tool called it “interesting” and after that it was quickly over...

  • i can't find the login page. so far I found one vhost and started enumeration on that. But nothing that looks promising. How should one start looking when not using dirbuster? Seem like I'm not getting the past hints.

  • Im not sure how to use the cert to get access to the machine. If anyone can pm me with hints that would greatly be appreciated.

  • hey, Im stuck at the login page. I got the creds for the first user and nearly everything for the other except 2 chars missing. I tried to guess them like i did for the one missing in the first but no success. Is there something i miss maybe?

  • Type your comment> @MrR3boot said:

    Kind of irreal security concept... isnt'it ? well its not. So many apps sitting in cloud using same technology which mightbe vulnerable to this kinda issue.

    ok... i should choose my words more carefully:

    i'didn mean that the box is not real-life-like...
    and i absolutely agree, that it is rather "realistic" to find such vulnerabilities...

    but i found it kind of "surreal" to ask the authentication-method for the credentials...

    so:... sorry & thanks again...
    "learn, hack, have fun"... did work for me... ;)

  • if anyone needs help with the scripting aspect, let me know. make sure to show me your script and i'll try to help as best i can. made some really simple mistakes in mine that took a couple hours to troubleshoot.

  • edited November 2019

    Rooted! Had much fun with the machine, kudos to maker :)

    Tips for user

    • Enum thoroughly
    • If something seems like mostly frontend app it's probably a rabbit hole
    • The rabbit hole might be also useful to show what kind of technologies are preffered on the server
    • When you finally stand at the door forget about all the "similar to mango" tips. It's seems really clever when you already know the answer but not really helpful if you don't. (or maybe I'm just dumb)
    • Think like a hacker instead. Try to bypass the security in different technologies' payloads. Think back to the rabbit hole. What kind of technologies were used there?
    • After bypassing the security think how to exploit even more on the vuln.

    Tips for root:

    • Pretty much straightforward. Basic enum will show you the way

    PM me for nudges if needed

  • Rooted!
    Definitely a fun box.
    Once you get a foothold, the userand root are pretty much straight forward
    PM for a nudge.

  • Finally rooted...thanks for the box @MrR3boot !!

  • This. I'm getting two 4-character passwords for the two users, but I'm pretty sure both are wrong. I'm missing something small...

    @Spknoxy said:
    Can someone who has solved this please DM to discuss the password regex details, currently have my script responding to the requests, however I am struggling to pass it in the right way.

  • This. I'm getting two 4-character passwords for the two users, but I'm pretty sure both are wrong. I'm missing something small...

    Think about your tested characters list.

  • AklAkl
    edited November 2019

    Rooted: Thanks @NikolaITA and @sud0r00t1 for the push.

  • Even if you don't want to play the word game with m*ngo there is another hint in /v****r/c******r/. enum for json files and you will see the place filled with fruits

  • edited November 2019

    Need a nudge with data extraction after reaching the under construction page. Looked at payload of all things for guide but I am very bad at regex so pretty sure I am doing it wrong. DM me.

    EDIT: nvm. rooted.

  • edited November 2019

    That was a fun box! I learned a lot gaining user, and the scripting part was great. Thanks @MrR3boot.

    Hints: for user, use Burp and Wireshark to check requests and responses when scripting and make sure your request headers etc are correct. If the responses you're getting aren't working check bad chars.

    Root: Basic enum.

  • Hey all, stuck at the final hurdle before user and need help with my script. Anyone able to PM? Cheers!

  • Hey people

    i'm stuck at "U**** P*******" at h*.p ...
    Please DM me if you can give me a hint on how to get a foothold / shell from here

  • is it ok get a bunch of "dollars"? help XD

Sign In to comment.