SecNotes

done

can someone PM me on intial foothold, which previous box is this like?

and me,pls

I know what I need to do in order to get root. Well, at least, I think I do. The problem is that the .exe I needed used to be there. But now itā€™s not. Iā€™ve used this .exe earlier on but I canā€™t seem to find it anywhere now. Thereā€™s a shortcut for it on the desktop but itā€™s not in the location where that shortcut is pointing. Any ideas?

@Mapperist said:
I know what I need to do in order to get root. Well, at least, I think I do. The problem is that the .exe I needed used to be there. But now itā€™s not. Iā€™ve used this .exe earlier on but I canā€™t seem to find it anywhere now. Thereā€™s a shortcut for it on the desktop but itā€™s not in the location where that shortcut is pointing. Any ideas?

I got stuck on this for days dude. Try not to focus too hard on the .exe itself, but what it could create. As soon as I realised this I had root.txt instantly.

@ashishjv1 said:

@ashishjv1 said:

@Seepckoa said:

@mxchai said:
Would be nice if someone could PM me about the initial foothold. I have no idea what to do except testing the web app, of which I found only XSS.

Thanks!

You need to do a little enumeration at the login level, we could inject what in a login page ?

i pretty much get what i need to do but the usernames taken * all of it *

Need to wait for my turn i guess ! :anguished:

Took me 2 days just to find xxxx.exe . Did someone mess up with the file or was it intentionally kept there ?

Rooted !

You didnā€™t even need to find ā€œITā€, you could of accessed it from anywhere. :wink:

@DataPush3r said:

@ashishjv1 said:

@ashishjv1 said:

@Seepckoa said:

@mxchai said:
Would be nice if someone could PM me about the initial foothold. I have no idea what to do except testing the web app, of which I found only XSS.

Thanks!

You need to do a little enumeration at the login level, we could inject what in a login page ?

i pretty much get what i need to do but the usernames taken * all of it *

Need to wait for my turn i guess ! :anguished:

Took me 2 days just to find xxxx.exe . Did someone mess up with the file or was it intentionally kept there ?

Rooted !

You didnā€™t even need to find ā€œITā€, you could of accessed it from anywhere. :wink:

Is there a way to access it from anywhere ? If Yes, Could you PM Me ?

2 days to find that ****.exe?

Takes only minutes with the right dir commandā€¦ :stuck_out_tongue:

@quadzer0 said:
2 days to find that ****.exe?

Takes only minutes with the right dir commandā€¦ :stuck_out_tongue:

Yup ! I fell for the .lnk trap ā€¦ :angry:

Hey guys, anyone else having trouble having a persistent shell (user level)? Mine drops everytime after about 20 seconds. Not sure what Iā€™m doing wrong

Iā€™m having the same problem @Elios, iā€™ve tried different shells :anguished:

Same here @Elios and @Luisk2, not sure if itā€™s part of the challenge or itā€™s unstable

@Elios said:
Hey guys, anyone else having trouble having a persistent shell (user level)? Mine drops everytime after about 20 seconds. Not sure what Iā€™m doing wrong

same hereā€¦

never once seen the shell drop on this box. Donā€™t know what your doing, but I used multiple different shells, and none dropped. I did get a couple hangs, but it was because I was doing stuff to hang it, while experimenting

kudos to this box :smiley: :slight_smile: fun oneā€¦ PM for nudges ā€¦

@stahaa said:

@Elios said:
Hey guys, anyone else having trouble having a persistent shell (user level)? Mine drops everytime after about 20 seconds. Not sure what Iā€™m doing wrong

same hereā€¦

try different shells for starters and see how they behave

@w31rd0 said:

@sysTester said:

@Elios said:
Hey guys, anyone else having trouble having a persistent shell (user level)? Mine drops everytime after about 20 seconds. Not sure what Iā€™m doing wrong

same hereā€¦

try different shells for starters and see how they behave

hmmā€¦ i am gonna try, thanks

@stahaa said:

@w31rd0 said:

@stahaa said:

@Elios said:
Hey guys, anyone else having trouble having a persistent shell (user level)? Mine drops everytime after about 20 seconds. Not sure what Iā€™m doing wrong

same hereā€¦

try different shells for starters and see how they behave

hmmā€¦ i am gonna try, thanks

i had quite a few unstable shells at some pointā€¦ but one method i used was quire stable after allā€¦
so maybe reset if you see no difference after all

@Elios said:
Hey guys, anyone else having trouble having a persistent shell (user level)? Mine drops everytime after about 20 seconds. Not sure what Iā€™m doing wrong

There might be a script that deletes files you upload after a certain time? :wink:

i got the initial credential but now i am stuck. how do i get reverse shell. Please give some hints : (