This machine is really awesome. Actually I was crazy for a moment but @Didakt comment rescue me. Thanks @lokori ,@Didakt
Iāve tried modifying the payload, but seems like Iām missing something. Maybe thereās more to the eye on the u page?
I need help. I could not find anything except the ports. Any hint?
edit, was stupid enough. nvm
I need some help with user.txt, I already know the vulnerability and how to get RCE from it (Similar to aragog since I already got the user of that). However, this application does not show the output of the LFI, which I am trying to redirect to myself at a http or ftp server. However, does not seem to work by any reasons. Can someone PM about it.
This was fun @lokori. I enjoyed this machine. Keep up the good work mate. I really liked the way you left subtle hints to not land in rabbit hole and keep progressing.
For those who are still on this machine, you need to be a spider killer, and be Marty at the same time!
Hello guys, I have some doubts on the payload, through XML I can see some important files but I canāt launch commands (maybe for a reverse shellā¦ I donāt know if Iām on the right track!)
Any suggestions in PM?
Well, I need some push with that xml. I am trying to upload classical XML, when I tested XML injection, I was able to delay server response, but I am not able to get anywhere. I udnerstand I should format it author/subject/content in some article, or feed, or something, but only 200 response I get is when I do not upload file with xml ending.
Maybe I am just too tired, but hint is very welcome:D
OK. I am able to send XML to server. I am able to send request to myself from server. But thats all. Is there any hint where should I look to see my uploads? Or how should I proceed from here?
See if there any other files you can read that can help you connect to the server
@karelchajim said:
OK. I am able to send XML to server. I am able to send request to myself from server. But thats all. Is there any hint where should I look to see my uploads? Or how should I proceed from here?
see you nmap scan againā¦ think how can u use those port with xml
rooted!
if you want hints you can ask me.
I got user.txt (without gaining a shell onto the box). Do you require an existing shell to get root or is the information available through xml enough?
@UserAlpha said:
I got user.txt (without gaining a shell onto the box). Do you require an existing shell to get root or is the information available through xml enough?
Think of ways, how you can login to a machine. You donāt have to pop a reverse shell.
@0x23B said:
@UserAlpha said:
I got user.txt (without gaining a shell onto the box). Do you require an existing shell to get root or is the information available through xml enough?Think of ways, how you can login to a machine. You donāt have to pop a reverse shell.
Was using the wrong identity file. Thanks - in as low priv user. Time to try escalate.
@0x23B said:
@UserAlpha said:
I got user.txt (without gaining a shell onto the box). Do you require an existing shell to get root or is the information available through xml enough?Think of ways, how you can login to a machine. You donāt have to pop a reverse shell.
Got root. Thankās again.
Would someone point me in the direction of using the upload syntax? Iāve been playing around with an online validator but correct syntax/structure in the validator still yields nothing.I cannot seem to get any sort of response other than the Internal Server Error. PMs welcome.
Stuck at priv esc, any hints?
I just rooted this machine tonight after over thinking the path for priv esc. For those of you having problems with it here are some tips:
- Re-read the posts here
- Re-read what you have enumerated (files, services, apps)
- Read the file again until you see what you have been scrolling past for hours
@lokori thanks for creating this machine! It has been the most rewarding one I have worked on so far. Got to play with a lot of different techniques I havent used yet, learned a lot.
Cheersā¦ On to the next oneā¦