Frolic

@Baikuya thank you

Rooted. This was tricky. But I just love binary exploits so had a lot of fun with this. :smiley:

Feel free to PM for help. Cheers.

Got user, a bit easier than I thought. Now heading for root!

Awesome machine. Thanks to the creator. User was a CTF, but taught enumeration is the key.
PrivEsc - never done that like that before. Was a great learning experience for binary exploitation.

Just rooted, pm if you need help
Hints:
User: Scan for files in folders you’ve found already?
Root: How can you privesc with a binary… hmmmmmmmmm

Got user, now onto root. I must say I sort of liked the CTF style of getting user, but at the same time it was really contrived.
PM me for user hints

Maybe that file is corrupt? I did it in CyberChef: I put base64 decode, then I put unzip, then it gave an index.php file. Inside I found this ‚]-ŽŠ……d which doesn’t make any sense to me

@vict0ni said:
I got a problem with the b4 decode of the second string. When I paste it in a .z** file and try to u it, I get an error. Can anyone PM me so that I don’t post any spoilers here?

Edit: fixed :expressionless:

For anyone having this issue: copy from the source

@vict0ni said:

@vict0ni said:
I got a problem with the b4 decode of the second string. When I paste it in a .z** file and try to u it, I get an error. Can anyone PM me so that I don’t post any spoilers here?

Edit: fixed :expressionless:

For anyone having this issue: copy from the source

Or you can use a command, such as sed, to ensure that any white spaces are removed.

Hi,
I’ve got the idk**** and found some dir which is called pl****s, but I don’t have access to it. I am stuck now :confused:
Can anyone please give me a hint?

r0073d

Hey, found PlS and user/password creds on the http port, but lost on what to do from here…any help is really welcome!

I’m just too stupid.
I have access to the A**** Panel and also have created an S*****. I’ve tried everything on Tri***** and Ite**. But I don’t get it executed.
Please PM so that I can make the first step towards user

Edit: Wrong Forum sorry ! :frowning:

Just wanted to say a big thank you to @sahay for this box. I actually quite enjoyed the initial “challenge” and got through it really quickly, but then got stuck for a few hours due to not checking my dirb output carefully enough. Doh! Mental note made for the future!!! :slight_smile: After getting user I had an idea what I needed to do, but having never done anything like it before I needed to do some research. Thanks to everyone who mentioned the video for a previous box. I watched that super carefully, did a bit of work and then Boom! Rooted! :smiley: From reading some of the other comments here I’m pretty sure people are going to read what I’m going to say next and think “WTF has she been smoking” lol but I loved this box, I think it’s been my favourite so far :open_mouth: Great little root challenge and a nice little intro to BOF. Definitely learnt a few things from it.

Stuck at the ?.! message. PM me please !
Thanks in advance

Rooted, thanks @dionero for the hint provided in the comments. It’s enough for privesc of Frolic

Any hints for root reverse shell ? I already got root.txt

How can you get root.txt without having a shell?

Enjoyed this box. Well not the user part but root was a good recap for some BOF.

Last time I did a good BOF was Calamity, which was a lot harder than this one, but just shows if you don’t use it you lose it.

Was good learning how to obtain address without a certain program. Thanks to IPPSEC for that.

If you’re stuck: Get it working exactly the same way on your host as you intend to on Frolic, that includes your method for getting addresses.

Hello guys, I’m trapped in this box. I found that password; I don’t know if it is a rabbit hole like the login on 1880/red, but I can’t find where to log in with that pass. I enumerated a lot in directories and subdirectories but nothing. I tried on s…t but nothing. I don’t know, any hint would be appreciated, please PM me. THANKS

Guys, please can someone PM me? I’m trapped with this long code. I can’t find the way to decrypt it, I don’t even know what it is. Can someone please give me a hint where to decode it?