Canape

15681011

Comments

  • Rooted!!! finally, after a long long ride, it's been a fun, frustrating, and complex road, Learnt a lot from this box...Any help or nudge wanted yaou guys can pm me on discord [vrvik#7626]

  • I've been in the low-priv (s)hell forever. Enumerated all files I can back and forth, and nothing comes to focus. If anyone has a hint on getting from www-data to the next level, please share :)

  • pls help , cant copy/clone the repository ?? is that supposed to happen ...

  • edited August 2018

    @yazid101 said:
    pls help , cant copy/clone the repository ?? is that supposed to happen ...

    I'm sure there must be some way to uncoil the snake from around this glassss....

  • I am confused... I have the source code, but I am struggling to understand what I can do with this. I am trying to host it locally by throwing a clone into /var/ www/ html but I don't know enough about hosting an Apache2 site, aparently... Anyone wanna shoot me a tip?

  • Eyy guys ! first comment here, I'm very stuck on RCE... something must misunderstood by me for sure because when I execute the vulnerability in c**** with any kind of payload I always receive 400 as error code, I have seen much of you have received 500...
    Anyone can give a little hint about this error ? Thx !

  • @NorbaK said:
    Eyy guys ! first comment here, I'm very stuck on RCE... something must misunderstood by me for sure because when I execute the vulnerability in c**** with any kind of payload I always receive 400 as error code, I have seen much of you have received 500...
    Anyone can give a little hint about this error ? Thx !

    I already have this one,
    HINT for who is in the same situation: try to find some application to run locally and analyze its code

  • Hello everyone,
    I have a problem. I analyzed the code and I have a working payload on the local machine. The problem is that it is not working on the remote host. I tried many variations but I can't figure out what's wrong. Can someone PM me for hint?

  • @TazWake said:
    So I cracked and came back to this tonight - a bit of time with the DB manpages and I've to usernames and passwords out of the DB. Tomorrow I get the "fun" task of working out where to use them...

    I'm in the same situation, it seems like it must be possible to "login" with that password as the user h***r but usign the typical commands "su", "sudo", ... no way !

  • Just finished it. Amazing box! If anyone needs a nudge PM me.

  • Just rooted this amazing machine ! All the boxes seems impossible at start but Canape is pure hell ! It was frustrating to stay for days stuck, but more re-comforting than others at all! If anyone needs help PM me.

  • edited August 2018

    I have been accessed www which is web directory permission.I need to go deeper to dump both user.txt and root.txt

  • Can someone give me a hint regarding the initial pickle situation ? I have a payload that is working locally, but I keep getting 500 errors when I send it to canape using python requests library

  • Am i missing a port during enumeration?

  • I keep getting 500 response ? can someone help me ?

  • Just rooted! Thanks to the author for this great box. It's my favorite since so far.

    The user acces was the whole time just under my hand, but I was too focused on RCE. Rooting is easy once you have user acces.

    OSCP | OSWE | CRTP


    0x23b

  • Rooted PM if you need help.

  • Could really use some help. I can't get past the 500 Internal Server Error. I have sent my payload directly from Python using Requests but still no luck. Any nudges in the right direction would be greatly appreciated.

  • Rooted, thank you for all the help from my dear friends.

    Hints:
    For initial foothold, enumerate the machine. May help if you can dump the whole set using some tool by internetwache and try to create a script to exploit against it.
    For getting the user after the initial foothold, reach a bit on the db administration on how to add admin users.
    For getting the root shell - this is ironically the easiest part, just google.

    wilsonnkwanl

  • unable to get rce.. have payload working for ping command

  • Unable to get RCE too. Any hint will be apreciated...

  • finally rooted canape.... great machine learnt a lotttt....

  • edited August 2018

    @yazid101 said:
    pls help , cant copy/clone the repository ?? is that supposed to happen ...

    I have problems with this step too..

    EDIT: python POC works locally, but when I try to use it with the machine I receive error 500
    EDIT2: I have initial shell, but now i'm stuck

  • I don't understand exactly how to run the .git program... maybe I'm in left field but anytime I got anything of github there is a install file or readme to guide you through the building process. I have a feeling I'm way off tho. anybody?

  • edited August 2018

    iv'e got the Couch on my local server and trying to run the .git from canape in it? what is going on here

  • edited September 2018

    Spoiler Removed - Arrexel

  • Rooted! Fun box and big lessons learnt

  • Can anyone PM me on discord [pain#9033] for a hint about user? I have no idea where to go next

  • Any help on enumeration I've scanned all TCP Ports but only getting http and ssh ??

    PM would be appreciated.

    Mochan

    Checkout my Dropbox of Goodies >> https://www.dropbox.com/sh/ba0t59c5fnccgms/AACvUbUSflWB1_AAgj8okEUra?dl=0

    [CCNA R&S] [OSCP - In Progress] [Security+ - In Progress]

  • Rooted after more than 2 weeks. Very defiant, complex but also educational machine that requires mandatory basic knowledge of python.. for initial foothold output of nmap scan is pretty useful and then you'll have a long way to go (for me 2 weeks).. then User and root was not that hard.. PM if u need help

Sign In to comment.