Cache

17810121316

Comments

  • Rooted! Interesting box

    Should require a little nudge, feel free to PM!

  • finally got passed the Po*****
    have username and password
    got the rev shell searching for the second user now

    nice box

  • i got the login page and i think this version doesnt have any authentication bypass vuln.
    So, could someone tell me that do i need to try authentication bypass or do i need to use any creds.

  • Type your comment> @GH057404 said:

    i got the login page and i think this version doesnt have any authentication bypass vuln.
    So, could someone tell me that do i need to try authentication bypass or do i need to use any creds.

    its an injection bro

  • Type your comment> @hawksvision said:

    Type your comment> @GH057404 said:

    i got the login page and i think this version doesnt have any authentication bypass vuln.
    So, could someone tell me that do i need to try authentication bypass or do i need to use any creds.

    its an injection bro

    thanks bro.

  • server down and can anyone suggest a way to crack what i found for o*******n

  • Rooted!!!
    Hints for the box:
    Foothold: Read what the CEO is saying. Once you figured it out, Google is your friend. It won't show up immediately, but you gotta enumerate. Be patient!

    User: Go back to your notes, they will help you. Enumeration is key here.

    Root: As others mentioned, it is GTFO. Yes it is for that command. Check it properly.
  • rooted! :smiley:

    Good box, the initial foothold made me go crazy for all the resets... for who's still struggling in the first part, especially if stuck on the p****** p*****, there is a quicker way with i********e, that could also be scripted for convenience ;-)

    Needed some nudges, so thanks for everyone who helped along the way!
    root has been a breeze, too easy but hey, who cares... :-D

    Do i remember correctly ... someone was saying that there is another way to get root?

  • Does the P******* P***** needs to be turned on or does this not matter for exploiting?

  • User is a fun journey
    also to the second user
    Rooted fun exploit to root

    something is installed that will give you root

  • is a payload with c***s needed for user?

  • i need a nudge with initial foothold, i can't get to **m even though i think i found the way. pm me or text me on discord Feror#0569

  • Rooted

    With this machine I have learned a new way of injection for myself in the po **** part. An excellent box, congratulations to the creator.

    Foothold: Enum and enum. Read the home pages contains valuable information. Otherwise this forum has more than enough information for this part.

    first user: This is the part that has taken me the longest but where I have really learned something. first enum, google and sleep long time is the key to not go crazy.

    second_user-root: The name of the box is key and gtfo for root.

    Feel free to pm for any tips.

  • In need of help for first user. any nudge would be appreciated

  • guys im stuck i got another domain, however not able to open it. Tried editing the hosts file but maybe not in the right way. Any help will be appriciated.

  • please dm me.

  • finally owned

  • anyone who needs a nudge can dm me

  • This box was great, thank you ASHacker!

    Small hint:
    There is an automated tool that will fail you at one point. That tool now has a PR open to make it work properly in this situation.

  • I got SQLi
    and got users tables creds
    but still couldn't manage to login
    Any hints guys?

  • There was another table :disappointed:
    nvrmind

  • Well, now i'm stuck at cracking the hash with it's salt
    Am i missing something?

  • Just one question why root is so easy??

  • edited May 2020

    i*******e login page is half in another language and the password changed with no resets left for the day, this box is gonna be the death of me :/

    Got a more stable box with a region change and rooted. Besides the minor annoyances that many people are experiencing, this was a good box that I learned a ton from.

  • Please PM a hint for foothold. Tried several things for a few days now. No dice.

  • Does anyone has problem to access /p****l? I am getting error: "Patient P****l is turned off". Resetting helps, but the error gets back few moments after it.Accordingly, s****p doesn't work.

  • can anyone give me a nudge , got the creds out of the tables and now stumped, cant seem to progress, thanks

  • Type your comment> @nimportequi said:

    Does anyone has problem to access /p****l? I am getting error: "Patient P****l is turned off". Resetting helps, but the error gets back few moments after it.Accordingly, s****p doesn't work.

    you don't actually need that, think someone is probably not careful changing settings

  • Very good machine although I needed a nudge because I wasn't patient enough during a certain exploit which makes me believe I might made it the unintended way because I used a certain funny cat tool. Thanks @ASHacker , very good box!

    k4wld
    Discord: k4wld#5627

  • Got user on this box, working on root.

    t13nn3s
    You can find write-ups and walkthroughs on my personal blog: https://binsec.nl

Sign In to comment.