Dev0ops hints

Can someone kindly give me a nudge. I was able to get an upload but I’m unsure on how to go about putting an RCE payload inside it. The info I’ve read for doing so isn’t working. :confused:

Disregard, I figured it out! :slight_smile:

Been working on this for a bit now but haven’t made much progress. Found the interesting directory, however I’ve only been able to return 500 errors. Tried modifying the layout a dozen different ways with zero success.

Really feel like I should’ve made some progress by now. A nudge in the right direction would be greatly appreciated. Cheers!

EDIT: Thank you @sckull for the assist, turns out I was very close, just needed a little nudge.

Took me some hours to get a shell but only some minutes to get root.
Nevertheless cool and realistic priv esc & machine overall. All hints you need are already here.

This machine requires XML knowledge, doesn’t it?

Hi All,

I have obtained the user.txt. I am stuck on the next steps. I have read a few log files but still am not sure how to progress. Are there any hints? I tried to read all the posts here but still am not able to figure it out.

Thank you

Total n00b here and I need my hand held for this one. Been working for a couple of days on this. Thanks.

Hi All,

I can’t find the injection point for the file upload, can you give me some hints?
There are only 2 pages but I don’t see anything.

@evilcall said:
Hi All,

I can’t find the injection point for the file upload, can you give me some hints?
There are only 2 pages but I don’t see anything.

It’s in front of you bro, just read what all is written on the ‘2 pages’ you found.

@drywaterv2 said:
This machine requires XML knowledge, doesn’t it?

I don’t think so, I didn’t have any knowledge when I did the machine.

Google bro, it has an answer to almost everything.

@meowzilla said:
Hi All,

I have obtained the user.txt. I am stuck on the next steps. I have read a few log files but still am not sure how to progress. Are there any hints? I tried to read all the posts here but still am not able to figure it out.

Thank you

You know, when I don’t find anything, poking around in all the folders that I have access to helps :wink:

But maybe the feed.py file is available on the internet and I need to look at the source code?

@evilcall said:
But maybe the feed.py file is available on the internet and I need to look at the source code?

No need for all that, try a different approach.

I have tried everything I know… Are there some parameters to guess in the GET request?

@9999volts said:
Oh, I got something :slight_smile: TY GreysMatter

Finally got it! Nice box, thank you for this one! Went down multiple wrong routes, but I learned a lot along all those ways. Enumeration still teaches a lot to a newbie like me. :slight_smile:

DAMMIT

Can I have a PM with a hint to get priv esc? Thx! (I got the r*a.)
Solved! “Back in time in DevOps mode”

Can anyone let me know if “internal server error” is indicative of a goosed box or just poor formatting of what I’m posting?

Tried lots of formats and I see GET requests come back to me, but never the info I ask for… :expressionless:

@Phrenesis2k said:

@HackingSnake said:
I’m still at the beginning, found a page on a port. I’m trying to enumerate with dirbuster but it gives me some errors, am I on the wrong track?

For some reason dirbuster failed for me as well. Try dirb.

Having problems with dirb, I get a “Calculating NOT_FOUND code…”.

Edit: any suggestion on which wordlist to use?