Hint for Fighter

This box was a tough fight … But learned a lot from this.

got shell. and priv esc, working on the final step for the flag if anyone can assist me with a hint. I have one of the key parts but i need another part.

nvm

found the member page and found a vulnerability which I am exploiting. I was able to get some data out which should have provided me auth access to portal but continue to get an error message…

I need a hint on getting the root flag. Please someone PM me

*** I finally got the root flag. Its was fun and i learnt some things*** Thanks to hendrikvb, valkyrix and echel0n1881for their hints and help :slight_smile: :+1:

i got injection and can see some Wb T***b any hint how to move further

can someone pm me to validate what I have found so far and guide me a step forwards? I am trying to exploit the old members site.

I could use some help, if someone could PM me.

*** Just when you think you’ve tried everything and you feel like reaching out for help, only then do you dig deeper…and find the page ***

Can anyone PM about where i can stick the needle? (so to speak)

ask someone does this link work .streetfighterc* ?

@XXYXZX said:

@valkyrix said:
[…]
thanks, think i found it. not just to figure out how to actually get into the site ._.

Let’s just say that this step is simpler than you might think. A lot of funkiness going on there but stay old school and straightforward.

This means that I am missing something - if I am not ready with bruteforce after one week, then I do it wrong right?

i need a hint to get shell im able to execute

Are the root.txt flag in the Administrator Desktop, it seems like is not, if someone rooted please pm me a nudge, thanks.

Argh, fighter has been driving me nuts off and on for weeks now. I’m at the point of trying to execute commands, but as far as I can tell nothing is happening no matter what I do. I know what I need to use…it just seems like it’s doing nothing…

Edit: Drunk posting/wrong machine. Lol.

Someone can you send me PM for help? :slight_smile:
I have a limited shell in system32.
Thanks

PD: The exploit not work right now… The machine have a problem

Edit: Never mind. See latest post.

the first rule!! it is front read it and add them to gether!. :slight_smile:

@thkr said:

@XXYXZX said:

@valkyrix said:
[…]
thanks, think i found it. not just to figure out how to actually get into the site ._.

Let’s just say that this step is simpler than you might think. A lot of funkiness going on there but stay old school and straightforward.

This means that I am missing something - if I am not ready with bruteforce after one week, then I do it wrong right?

It might be a ‘CASE’ of trying harder. XD

So is there no systematic way of finding the old members site? Is it just educated guessing from cryptic clues?

If anyone wants to put me out of my misery please do PM me.