Bounty

@mizzion said:

@WillIWas said:
The box seems so unstable, getting different responses all the time… Is this correct?

yea that box can seem unstable, at times and a bit temperamental . do you have any shell access etc?

No, I just started, found som gui, but it disappeared and I can’t get it back

Messed up my dirb search aswell… annoying

@WillIWas said:
Messed up my dirb search aswell… annoying

if you read all the posts on this thread you will work out what scans to run for a successful recon phase which will lead to your foothold

@mizzion said:

@WillIWas said:
Messed up my dirb search aswell… annoying

if you read all the posts on this thread you will work out what scans to run for a successful recon phase which will lead to your foothold

Well, I’ll go read then, thx

@Razzty said:
I have created payload and can successfully browse through the website, but where the ■■■■ is user.txt?

You can’t see the air but…

@sodomak said:

@Razzty said:
I have created payload and can successfully browse through the website, but where the ■■■■ is user.txt?

You can’t see the air but…

Yeah, you’re right :slight_smile: Now I’m on priv esc, since I got user shell. Any hints?

Bounty is wildly unstable - same file that worked four hours ago, from the same computer, now throws a 404. Makes no sense.

Not even trying RCE - just trying to view text.

after much work and many dead ends i finally got system on this box. the box’s instability definitely threw me off at both the user and system stage. it was good fun though and i learned a lot in the process.

tried many extensions, almost every language i can think of! this is nasty !

Edit: nevermind, I’m dumb xD

finally got root, if someone needs help, just PM me…

Rooted, Fun box, but priv esc was kinda dull :slight_smile:

So, I’ve been trying to run this powershell reverse shell using the ;. method. Not working. It used to work using the ;. method, but now it’s not. I’ve reset the box and still no dice. This box has been the bane of my existence for days now. What am I doing wrong? I don’t care if it’s a spoiler at this point. I just want this ■■■■■■ box done.

So, Finally got the correct file type, but still working on the right payload

Got user.txt
Thx to @Ozunu for the help so far.

Next stop priv esc.

when i upload my file (the one that should work) its not loading (gives me wating for ever) although it was working before just fine? why is this happening ?

I’m still so lost. I’ve gotten some direction from some nice peeps but this is out of my league somehow. Anyone want to PM me about rce I would appreciate the help. I’ve got my w********g file and can see it after transfer but other than some filesystem look and see it’s pretty useless (to me). Sigh.

I got a rev shell, but cant find user.txt ? what am i missing ?

@jgorski think about the language you are using. Look to see what other commands you can use. Set yourself the challenge of pinging your attacking machine. Then from there keep building on it.