Curling

@Tugzen said:
Hi Guys,I got the reverse shell but couldn’t spawn the shell.I need change to other user to read the user.txt

Any hint will be appreciate.

Thanks

Look at the p…_b… file

@KR4CK said:

@Tugzen said:
Hi Guys,I got the reverse shell but couldn’t spawn the shell.I need change to other user to read the user.txt

Any hint will be appreciate.

Thanks

Look at the p…_b… file

Yes there is something like a password inside it.But without spawn the shell,how I can use it?I can’t use su commands.(Is it possible that I am missing some very easy points,ı am such a newbie in this area)

Spoiler Removed - egre55

Spoiler Removed - egre55

I got the root flag but I am very interested in how to get the root shell. Can anyone PM some tips? Would be greatly appreciated. I have tried uploading stuff with the “tool” but it does not seem to work. I kind of have the idea what i should be doing but I can’t seem to make it work.

Alright, I’m at the p_b file, I’ve researched how to determine what it is exactly and supposedly how to open it, but I’m hitting a wall, could someone PM a tip/nudge in the right direction? Much appreciated.

Edit: Figured it out why I was getting permissions errors.
Feel free to PM me if you get stuck on the same part.

I’m working on root.txt? could someone PM a tip? Thank You

Can someone help me for the user login please . I searched in the source page but couldn’t find any clue . I get the password in s*****.txt

Great box. Seemed to be simple but turned out to be a little bit tough, at least for me.
Don’t over think it, I know it sounds meaningless but I’m serious. If you’re trying to log in to the blog, just look for the user name, it’s in front of your eyes. Hint: People usually introduce themselves at the first time and tell their name and such. Same thing here. Just look through the posts of the blog.
Root is pretty simple, just look for the time of the files and see if something’s strange. Try to figure out what command it uses then and read about the parameters it uses.
I would love someone to PM me with a hint with getting a root SHELL.

Hello, I have come to ask you for help if you can help me, I have used several scans in joomla but I have not met some php object injection but I have not been able to exploit it, if someone can give me a tool light or just the name of the vunerability can have because I’m already a long time in this challenge thank you can send by PM, God bless everyone.

Decent box. Solutions seemed a bit contrived. The principles behind them are solid, though. I had fun.

PM me if you need help.

Would very much appreciate any hints towards getting the root flag! I have foudn the files of interest and know the command i need to use, and have scoured the man page, and i think i know which option to use for it. but not getting anywhere. anyone able to PM me some pointers I would be very grateful :slight_smile:

Love the box. for a newbe its was fun and opened my eyes on new things. Getting in was peace of cake same goes for owning the user. after hours of struggling with trying to get root, I managed to get root.txt.

I’m still wondering how to get root as shell. I would appreciate if someone would PM me.

Can someone help me with getting root.txt? I already have user but I can’t figure out the next step. I see the files I need to do something with and know I need to use c**l but I’m not sure how.

I keep getting permission denied when trying to open the p*******_b***** file. Am I missing something? Still the www-data user. I can see prefix indicating the right tool but can’t get it to work

Edit: NVM lol

@zealovault said:
Can someone help me with getting root.txt? I already have user but I can’t figure out the next step. I see the files I need to do something with and know I need to use c**l but I’m not sure how.

Maybe try to see what the files are doing/using? That might lead to what you need to do/use.

Can I PM someone for a nudge on root?

Edit: Got root

Got the root flag, but not a root shell. Does anyone know if the intended way was root shell, or just to grab root.txt?

Can someone DM a hint for root.txt? I can see the processes being used to edit the two files in the a****-a*** and i’ve looked through the man files for c**l but I haven’t found anything useful

Edit: Just got it thanks to @3therk1ll and @Liz4rd !

@VincentZ174 said:
Can someone DM a hint for root.txt? I can see the processes being used to edit the two files in the a****-a*** and i’ve looked through the man files for c**l but I haven’t found anything useful

PM’d you dude