Canape

Eyy guys! First comment here, I’m very stuck on RCE… something must be misunderstood by me for sure, because when I execute the vulnerability in c**** with any kind of payload I always receive 400 as the error code; I have seen many of you have received 500…
Can anyone give a little hint about this error? Thx!

@NorbaK said:
Eyy guys! First comment here, I’m very stuck on RCE… something must be misunderstood by me for sure, because when I execute the vulnerability in c**** with any kind of payload I always receive 400 as the error code; I have seen many of you have received 500…
Can anyone give a little hint about this error? Thx!

I already have this one.
HINT for anyone in the same situation: try to find some application to run locally and analyze its code.

Hello everyone,
I have a problem. I analyzed the code and I have a working payload on the local machine. The problem is that it is not working on the remote host. I tried many variations but I can’t figure out what’s wrong. Can someone PM me with a hint?

@TazWake said:
So I cracked and came back to this tonight - a bit of time with the DB manpages and I’ve to usernames and passwords out of the DB. Tomorrow I get the “fun” task of working out where to use them…

I’m in the same situation, it seems like it must be possible to “login” with that password as the user h***r, but using the typical commands “su”, “sudo”, … no way!

Just finished it. Amazing box! If anyone needs a nudge PM me.

Just rooted this amazing machine! All the boxes seem impossible at start but Canape is pure ■■■■! It was frustrating to stay for days stuck, but more re-comforting than others at all! If anyone needs help PM me.

I have accessed www, which is web directory permission. I need to go deeper to dump both user.txt and root.txt.

Can someone give me a hint regarding the initial pickle situation? I have a payload that is working locally, but I keep getting 500 errors when I send it to Canape using the Python requests library.

Am I missing a port during enumeration?

I keep getting a 500 response. Can someone help me?

Just rooted! Thanks to the author for this great box. It’s my favorite so far.

The user access was the whole time just under my hand, but I was too focused on RCE. Rooting is easy once you have user access.

Rooted. PM if you need help.

Could really use some help. I can’t get past the 500 Internal Server Error. I have sent my payload directly from Python using Requests but still no luck. Any nudges in the right direction would be greatly appreciated.

Rooted, thank you for all the help from my dear friends.

Hints:
For initial foothold, enumerate the machine. May help if you can dump the whole set using some tool by internetwache and try to create a script to exploit against it.
For getting the user after the initial foothold, reach a bit on the db administration on how to add admin users.
For getting the root shell - this is ironically the easiest part, just google.

Unable to get RCE… have payload working for ping command.

Unable to get RCE too. Any hint will be appreciated…

Finally rooted Canape… great machine, learnt a lotttt…

@yazid101 said:
pls help, can’t copy/clone the repository?? Is that supposed to happen…

I have problems with this step too…

EDIT: Python POC works locally, but when I try to use it with the machine I receive error 500
EDIT2: I have initial shell, but now I’m stuck

I don’t understand exactly how to run the .git program… maybe I’m in left field, but anytime I got anything off GitHub there is an install file or readme to guide you through the building process. I have a feeling I’m way off tho. Anybody?

I’ve got the Couch on my local server and am trying to run the .git from Canape in it? What is going on here?