Falafel

I know how login as admin. But I have no idea how made shell or go further…

I tried harder and got the login vuln sorted out… now working on RCE… this is fun! Next time, this may be a bit easier.

‘Falafel lover, Site admin
“Know your limits.” -Anonymous’

Nice hint.

Nice, I got root

I’ve got user and I’ve been struggling with privesc for a while.
I guess the way is related to the groups m*** belongs to.

Is it v*** group the way to go?

Any hint would be appreciated…

yes

I found the “hint” file, so I know 2 usernames for the website but I can’t login as either of them. I tried SQLi and bruteforce with no success. Can anyone give me a nudge on PM ?

magic

believe me, this is a hint

@mpgn said:
magic

believe me, this is a hint

Arrexel is coming with spoiler hammer xD

I found the file with hint. i know both the username’s. but stuck with login. No SQLi technique works. can someone DM me with a clue

use above method

@Maniek said:
yes

Thanks!

wow this box is driving me nuts… can’t get a shell after somehow making it to the admin panel

I’m stuck on upload.php, can anyone PM please?

Thank you

owned user yesterday. but the machine is retiring tomorrow i think so i wont continue with it. if you need help with user ping me

Holy smokes this box was crazy. I can’t wait to see what ipp does with it. I learned a lot and changed the way I look at some things. Hat officially tipped to @dm0n and @Stylish . Great job guys.

I can’t believe there is no badge for this machine. Seemed like it should’ve had one with all you have to do to beat it. lol

Badges are rewarded on Insane difficulty boxes.

I should submit an Insane box, then :wink:

@dm0n said:
I should submit an Insane box, then :wink:

Yes please!