Hint for HELP

Just got root. Wow, that took a lot longer than it should have done, but at least I learnt a lot about shells.

The root isn’t quite as easy as it first appears. Think about what’s actually gone wrong.

Got root!! Thanks to @smaxxx @EXC3L I was getting invalid argument error when executing exploit, but it worked after couple of resets.

Stuck on user, so I got the credentials from the high port and logged into the lower port but I’m lost on what to do next. PM me I need help :frowning:

Got the credentials, cannot connect low port with them, any suggestions?

Got root the unintended way, This was a good box.

Pm for Hints if needed :smiley:

Think somebody change username and pass, cant login anymore…

Got root, but I am still wondering about the hints on caps lock and misspelling for privesc. Anyone wants to shed a light in PM? Thanks!

Got user. Had done a stupid mistake. People who are able to file .png/jpeg file and not php, please look at the python code you are running.
Edit: And who are not able to find .jpeg/png files uploaded, you guys also check the python code.

Can some one give a hit/help in pm I am new at node.js

Hello guys kinda stuck here!
I managed to use the exploit and find my files but I am not able to establish a connection using r******_t**.
Kinda new on this exploit tecnique, I think I am doing some small thing wrong and as much as I am trying to fix things, nothing happens.
Can I PM someone(or someone PM me) so I can solve some doubts? Thanks!

Managed to get RCE after a bit of struggling. Got creds from the higher port and did some basic enumeration to get root. Always start with the most basic and obvious things rather than looking for a complex solution right off the bat.

I have rooted the machine with public exploits but would like to do it with node js and credentials way. Can anyone please nudge me in right direction?

Would anyone be willing to give me a hint with timetravelling ? I’m confused why there’s an issue sine time() is epoch and machine is set to correct date/time…

Type your comment> @5nak3Eyes said:

I have rooted the machine with public exploits but would like to do it with node js and credentials way. Can anyone please nudge me in right direction?

I am in the same boat. The typing error in that log file seemed interesting but couldn’t get my head around it. Any tips?

Type your comment> @krypt said:

Type your comment> @5nak3Eyes said:

I have rooted the machine with public exploits but would like to do it with node js and credentials way. Can anyone please nudge me in right direction?

I am in the same boat. The typing error in that log file seemed interesting but couldn’t get my head around it. Any tips?

This one also involves a google search and working your way up from the source code.

Hi
Could someone help me with the initial foothold?
I was trying to upload a shell but I don’t find the file after upload.
I was checking the exploit exactly where to find the uploaded file but no chance. The file can’t be found.
Could some one give me a hint?

Can someone PM me with some help on the time traveling and/or the high port enumeration? I want to work through both of them for the experience but I’m hitting a wall

Got User! It was a really good learning experience with this box! Gonna try to get root altought I dont know where to start as I never did a privesc before. If you guys could link me something to read about would be great!

Also if anyone want some help with user, just PM me! I am a beginner but I wil try my best to help you all :slight_smile:

Something to keep in mind for those trying the unauthenticated way:

What is the script doing to generate those filenames? If you have someone in Germany and someone in the United States, would the results be different? Why is the script iterating the range backwards and should that range be manipulated?

Got user and have been stuck on root for about 2 days now, can anyone nudge me in the right direction?