Bounty

I’m stucked at priv esc. Feel free to PM to help me :wink:

Rooted! That was a really fun initial shell! If you’re struggling with privesc, take a step back and don’t over complicate it! Google has the answer, enumerate more :slight_smile:

finally got SYSTEM on this box. PM for hints

Can someone PM me regarding file upload. Don’t want to put any potential spoilers here…

i’m still not able to figure out how reverse shell is achievable. i’ve tried multiple ways to upload files, but still not getting anything.

Edit: nvm this box is fun! New things to learn! Thank you @mrb3n !

@wildkindcc said:
Rooted! That was a really fun initial shell! If you’re struggling with privesc, take a step back and don’t over complicate it! Google has the answer, enumerate more :slight_smile:

I don’t get the point :smiley:
edit: nvm, got it! :slight_smile:

I’m pretty much beating my head against the wall here. Can someone PM me some hints. I’ve enumerated, tried numerous uploads and I’m out of ideas.

Spoiler Removed - Arrexel

I have the CVE exploit uploaded and in place. I cannot figure out how to leverage it for System owning. Can anyone DM me with a hint please?

@laylow That part is frustrating. You only have about a 30 second window to get in before it gets overwritten. This box is best attempted in the middle of the day when people are at work.

@C3PJoe said:
@laylow That part is frustrating. You only have about a 30 second window to get in before it gets overwritten. This box is best attempted in the middle of the day when people are at work.

man i am from australia so i can only attemp when this time. problem is i get to start to work with australians any team australians around at all…

also man you are 100% right mate… soo frustrating i loud my files get to inside server threw the web interface i got both username but i can’t get inside the folders even tho i have even changed the password for both users i dont get enough time to do it cos asson i go for some friking crushs or overs right the stupid file. i can,t even get chance to uploude a excutible file can’t netcat also cos it crushs by the time i finsih all my staff can you pm what payloud you using i tried to open session but it just fails

Spoiler Removed - Arrexel

people. stop fucking up the box!

rooted finally! this box was a fun ride!

any help will be appreciated. pm me with details. Ive tried dirb but im just not sure what I should be looking at.

got user but i can’t get seccond session because some how million people are uploading staff and session keeps dieing on me… so ill try privac root user later… guess.

Stuck trying to turn the RCE I’ve managed to become a reverse shell.

Tried both direct reverse shell + uploading shells not nothing seems to work currently. Any pointers ?

i am this box too much breaking but at last done. biggggest thanks to one man that Pzylence top block!

@IVWKCSEC said:
Stuck trying to turn the RCE I’ve managed to become a reverse shell.

Tried both direct reverse shell + uploading shells not nothing seems to work currently. Any pointers ?

dm me.

Stuck on priv esc, also the user.txt seems to have disappeared? Searched everywhere incl Desktop, only found a .lnk file referring to it. please feel free to PM me :slight_smile:

Anyone willing to pass on a hint for Priv Esc? I’ve been banging my head against the wall for several hours trying to find stuff like passwords, and manual enumeration on just about every file I seem to have access to. There must be something staring me right in the face… Thanks in advance!