Hey guys, curling is my first ever CTF attempt... I've managed to fumble my way into user and can see the a-a folder everyone is talking about. Can also see the files being accessed... but not sure where to go from there. Can someone please PM me with a nudge in the right direction?
Finally got root flag, but I cannot figure out how to get a root shell.
EDIT: I must just have the syntax wrong. I can get what I want from the user shell to spawn a reverse user shell, but I cannot get the same result using input. If I am one the right track, please PM me.
Can anyone help me? Currently stuck at a****-ar**, and managed to see the command in the processes. Tried looking at the man for c**L but still didn't get it
Hey, i found interesting file s*****.txt on inspect element but didn't get clue for the username to login admin joomla, anyone can give me a clue? i tried to create username wordlist but didn't success to login admin page
Hey, i found interesting file s*****.txt on inspect element but didn't get clue for the username to login admin joomla, anyone can give me a clue? i tried to create username wordlist but didn't success to login admin page
@blackcat said:
Hey, i found interesting file s*****.txt on inspect element but didn't get clue for the username to login admin joomla, anyone can give me a clue? i tried to create username wordlist but didn't success to login admin page
Read....The.....articles! This will give you what you are looking for 100% Good Luck!
Ladies and Gents, I achieved USER Sh*** yesterday and I feel that I am close to root but I am just missing something. Any helpful input based on that would be totes amazing lol!
Grabbed the user flag but got stuck going for root. A helpful tip from GDX confirmed I was on the right path and gave me what I needed to see the full picture and make it work.
I got the user.txt file but am stuck on escalating myself onto Root. This is my first machine, after reading hints about processes, I have no clue. Anyone willing to provide me a tip via PM?
can someone provide me a nudge on how to get root? i know if i change something affect other thing but cannot make it work to read root. Any nudge pleaseeee
> @SPENCERTT said:
> Any one can give a hint for root, got stuck in a-a folder.
Honestly, the best hints are already on this thread. Any more would be a dead giveaway. If you need more than that, you will need to ask someone via PM.
Just got super user and the credentials were very upsetting, makes you want to pull your hair out. The only thing that makes me feel marginally better is defacing the website.
Is this why people seem to hate CTF?
Anytips on privesc out of www-****?
Edit
Just got user, although I am interested in how folks got root.txt before they got user.txt
In my attempt from my r****** sh*** I tried c*** and nc to put a backdoor with on user ww******. Rather than a restricted shell, it seems like the user group is at play blocking write privs so to me you bypassed/edited the user group config? Would like pm's on this subject.
Got root.txt but still lingering thoughts/questions. My take away from this box is to not have a config file for a service running as root be writable by a non root user.
I'd like to know how people a getting a shell but I still want to figure this rather than be told
so my question is,
what service is updating the ad-ar files?
edit:
I tried putting in the location of shell in the same format as root and got binary as output.
Any care to explain in a pm?
stuck at p****_b****p. The magic number shows it as bz*. I decompress it and it gives still hexdecimal data. FILE $FILE says its ASCII. Any nudges please
Comments
Got the user.txt and root.txt
but the root.txt permission have anything wrong?
Hey guys, curling is my first ever CTF attempt... I've managed to fumble my way into user and can see the a-a folder everyone is talking about. Can also see the files being accessed... but not sure where to go from there. Can someone please PM me with a nudge in the right direction?
Finally got root flag, but I cannot figure out how to get a root shell.
EDIT: I must just have the syntax wrong. I can get what I want from the user shell to spawn a reverse user shell, but I cannot get the same result using input. If I am one the right track, please PM me.
n00b
Can anyone help me? Currently stuck at a****-ar**, and managed to see the command in the processes. Tried looking at the man for c**L but still didn't get it
Hey, i found interesting file s*****.txt on inspect element but didn't get clue for the username to login admin joomla, anyone can give me a clue? i tried to create username wordlist but didn't success to login admin page
Hey, i found interesting file s*****.txt on inspect element but didn't get clue for the username to login admin joomla, anyone can give me a clue? i tried to create username wordlist but didn't success to login admin page
Can somebody help me with final stage, I just need right syntax to get my file (output of file of course)
Edit: rooted, nevermind...
|OSCP|OSCE|
Read....The.....articles! This will give you what you are looking for 100% Good Luck!
Thanks for all you guy's help and hints really appreciate it
deda1mraz thanks to you bro and GDX 
Ladies and Gents, I achieved USER Sh*** yesterday and I feel that I am close to root but I am just missing something. Any helpful input based on that would be totes amazing lol!
Got it!
Grabbed the user flag but got stuck going for root. A helpful tip from GDX confirmed I was on the right path and gave me what I needed to see the full picture and make it work.
Thanks
I got the user.txt file but am stuck on escalating myself onto Root. This is my first machine, after reading hints about processes, I have no clue. Anyone willing to provide me a tip via PM?
can someone provide me a nudge on how to get root? i know if i change something affect other thing but cannot make it work to read root. Any nudge pleaseeee
OSCP-OSCE
I tried to upload .php file after making changes in allowed extensions but still unable to upload the .php file am I doing anything wrong
finally got the shell............
I still dont get how to make c*** to read files
a nudge someone !
edit: GOT IT! thanks for the clue @jkr
OSCP-OSCE
Yup, as an noob can someone help me to create a reverse shell? cause I tried everywhere and now I don't know what options I have...
Edit : Reverse Shell is ok now!
Any one can give a hint for root, got stuck in a-a folder.
> Any one can give a hint for root, got stuck in a-a folder.
Honestly, the best hints are already on this thread. Any more would be a dead giveaway. If you need more than that, you will need to ask someone via PM.
n00b
is s*****.txt just to mock you?
nope! id continue to figure out what's in the txt file
I already curl'd it in the last comment and it seems to be a hash, clues on what I might do with it?
Just got super user and the credentials were very upsetting, makes you want to pull your hair out. The only thing that makes me feel marginally better is defacing the website.
Is this why people seem to hate CTF?
Anytips on privesc out of www-****?
Edit
Just got user, although I am interested in how folks got root.txt before they got user.txt
In my attempt from my r****** sh*** I tried c*** and nc to put a backdoor with on user ww******. Rather than a restricted shell, it seems like the user group is at play blocking write privs so to me you bypassed/edited the user group config? Would like pm's on this subject.
Yesterday I am able to get the shell, but today when i tried to reproduce the same thing unable to do so . Need some guidance here
I don't know what to do with and a-a files...If someone has a hint!
Hello, I could use a hint for root.txt. PM appreciated. TY
Got root.txt but still lingering thoughts/questions. My take away from this box is to not have a config file for a service running as root be writable by a non root user.
I'd like to know how people a getting a shell but I still want to figure this rather than be told
so my question is,
what service is updating the ad-ar files?
edit:
I tried putting in the location of shell in the same format as root and got binary as output.
Any care to explain in a pm?
On the same boat.. unable to understand how to leverage the a-a area files to get root.txt
stuck at p****_b****p. The magic number shows it as bz*. I decompress it and it gives still hexdecimal data. FILE $FILE says its ASCII. Any nudges please