Hint for HELP

Got user. Had done a stupid mistake. People who are able to file .png/jpeg file and not php, please look at the python code you are running.
Edit: And who are not able to find .jpeg/png files uploaded, you guys also check the python code.

Can some one give a hit/help in pm I am new at node.js

Hello guys kinda stuck here!
I managed to use the exploit and find my files but I am not able to establish a connection using r******_t**.
Kinda new on this exploit tecnique, I think I am doing some small thing wrong and as much as I am trying to fix things, nothing happens.
Can I PM someone(or someone PM me) so I can solve some doubts? Thanks!

Managed to get RCE after a bit of struggling. Got creds from the higher port and did some basic enumeration to get root. Always start with the most basic and obvious things rather than looking for a complex solution right off the bat.

I have rooted the machine with public exploits but would like to do it with node js and credentials way. Can anyone please nudge me in right direction?

Would anyone be willing to give me a hint with timetravelling ? I’m confused why there’s an issue sine time() is epoch and machine is set to correct date/time…

Type your comment> @5nak3Eyes said:

I have rooted the machine with public exploits but would like to do it with node js and credentials way. Can anyone please nudge me in right direction?

I am in the same boat. The typing error in that log file seemed interesting but couldn’t get my head around it. Any tips?

Type your comment> @krypt said:

Type your comment> @5nak3Eyes said:

I have rooted the machine with public exploits but would like to do it with node js and credentials way. Can anyone please nudge me in right direction?

I am in the same boat. The typing error in that log file seemed interesting but couldn’t get my head around it. Any tips?

This one also involves a google search and working your way up from the source code.

Hi
Could someone help me with the initial foothold?
I was trying to upload a shell but I don’t find the file after upload.
I was checking the exploit exactly where to find the uploaded file but no chance. The file can’t be found.
Could some one give me a hint?

Can someone PM me with some help on the time traveling and/or the high port enumeration? I want to work through both of them for the experience but I’m hitting a wall

Got User! It was a really good learning experience with this box! Gonna try to get root altought I dont know where to start as I never did a privesc before. If you guys could link me something to read about would be great!

Also if anyone want some help with user, just PM me! I am a beginner but I wil try my best to help you all :slight_smile:

Something to keep in mind for those trying the unauthenticated way:

What is the script doing to generate those filenames? If you have someone in Germany and someone in the United States, would the results be different? Why is the script iterating the range backwards and should that range be manipulated?

Got user and have been stuck on root for about 2 days now, can anyone nudge me in the right direction?

Got user, stuck with root. I tried xp***, but it is not working. Can anyone please PM me? Any direction will be helpful. Thanks!

Finally Rooted!
If anyone got user with the “Intended way” (high port) can you plz tell me how ?
I don’t know how to enumerate this kind of applications.

For general tips I think everything was already said.
If you need any help just pm me and tell where you are and what you’ve tried

Got Root!

If this is your first time doing a linux privesc (like myself), you are gonna need some basic research. Google videos/articles to basic privesc, they ALWAYS talk about the method you need to get root on this machine.
But the tricky part, especially for beginners is not the “end” is the “means”.

Anyway,. great box @cymtrick I learned A LOT with this! If anyone need help PM me!

yey rooted \o/
No need for me to get credentials for user and root.
Hint for User:

  1. Try increasing the range or think about timezones
    Hint for Root:
  2. If the heart is unpatched all the software on top should not care you

Rooted!

Didn’t even used n**.j* but I found the creds, user and root. It’s a simple machine only by the assumption that you know exactly what you should do. So in order to know what do do, my tip is: google EVERYTHING, specially the software you’re trying to penetrate.

PM for hints.

Finally rooted.
Boys and girls read the fucking source, understand what the server is doing and what’s happening to your files

PM for hints

Been stcuk for days trying to find the shell file on the webapp using the 40***.py exploit. If any wanna help me send me PM. THANKS