Inception

Can anybody hint about root flag ??? I think need to find to an other machine… Am I on right way ???

@puerkito66 said:

@n1b1ru said:

@xabaras said:

@Amonsec said:
I can execute code but I have trouble to gain a remote shell. I already tried different languages but they all seems to don’t be able to connect my IP.

I can read files…but cannot execute commad… have you any hints?

So do I. Did you solve the way to execute it???

Same here, got lfi, and some creds, but can’t get code execution or figure out what’s next :confused:

Enumerate configs

@r2d2 said:

@puerkito66 said:

@n1b1ru said:

@xabaras said:

@Amonsec said:
I can execute code but I have trouble to gain a remote shell. I already tried different languages but they all seems to don’t be able to connect my IP.

I can read files…but cannot execute commad… have you any hints?

So do I. Did you solve the way to execute it???

Same here, got lfi, and some creds, but can’t get code execution or figure out what’s next :confused:

Enumerate configs

Well, I got a directory, asks me for creds, put the creds and throws me an 403 error D:
Is this the correct way or i missed something?

@puerkito66 you are on the right track. You are just the missing the correct way to access the service running on this directory

@zelsonm1 said:
@puerkito66 you are on the right track. You are just the missing the correct way to access the service running on this directory

Also tried over the proxy, but same happended, i think is not the intended way, or maybe i’m doing it wrong :confused:

Done)

@n1b1ru said:

@xabaras said:

@Amonsec said:
I can execute code but I have trouble to gain a remote shell. I already tried different languages but they all seems to don’t be able to connect my IP.

I can read files…but cannot execute commad… have you any hints?

So do I. Did you solve the way to execute it???

nope, but I moved on a different box/challenge :slight_smile:

Hi guys,

I’ve been stuck with the root flag for days. I have tried several things in different “places” without luck. Could someone help me?

@RevangelyonX said:
Hi guys,

I’ve been stuck with the root flag for days. I have tried several things in different “places” without luck. Could someone help me?

Same with me :confused:

So do I. I’m finally root but some problems with flag. Any suggest?

Got user flag. I need some hep in order to understand the right network topology of this box. Would you mind to message me in order to clarify some network points???

@puerkito66 said:

@zelsonm1 said:
@puerkito66 you are on the right track. You are just the missing the correct way to access the service running on this directory

Also tried over the proxy, but same happended, i think is not the intended way, or maybe i’m doing it wrong :confused:

I’m facing the same problem. Have you figured it out?

@ploami said:

@puerkito66 said:

@zelsonm1 said:
@puerkito66 you are on the right track. You are just the missing the correct way to access the service running on this directory

Also tried over the proxy, but same happended, i think is not the intended way, or maybe i’m doing it wrong :confused:

I’m facing the same problem. Have you figured it out?

Nevermind, got it.

Hello, I need a hint… Am I suppose to find the creds for the “hidden” service in a config file? I have some creds from a non-hidden service but these do not work for the second one. I have one user to log in, but I think bruteforce in this scenario will take eons.

@MrGill said:
Hello, I need a hint… Am I suppose to find the creds for the “hidden” service in a config file? I have some creds from a non-hidden service but these do not work for the second one. I have one user to log in, but I think bruteforce in this scenario will take eons.

Nevermind, read more about “configs” you find.

One of anyone else’s favorite machines so far?

This box seems to be quite difficult. I have found a way to access two different services that require a login and I have been able to read files from the server. Yet, I haven’t been able to execute code and I haven’t been able to find any credentials either of the services. Found some useless credentials, which I assume won’t be needed for anything. I wrote a small Python script to try out the “obvious” user/pass combinations, but didn’t get anywhere.

I don’t quite understand how reading more about “configs” will help me :anguished: Perhaps I’m missing something crucial.

Finally found the “credentials”. I actually wrote a small Python script to find it, but I suck at this enumeration thing apparently. Now the rest should be relatively straightforward I hope.

Errare humanum est! It wasn’t straightforward! Well, I know what to do during the night as I have some “leads”. It seems I must go deeper!

I really like this machine, though it’s certainly not easy to crack. (At least not easy with my limited skills.) Please don’t retire this machine :+1:

I’m root, but the root flag is … wtf. :dizzy: