Frolic

now it’s up

Hi , i find the idk**** passowrd but i can’t find the webpage that i can login , any help???

Type your comment> @wail99 said:

Hi , i find the idk**** passowrd but i can’t find the webpage that i can login , any help???

bust the dirs and subdirs…

Hi all, I have used our orange friends language and decoded the trinary gobbledy gook from which I got nothing to understand except that part was decoded correctly. Building on that base with my favourite chef got me a bakers dozen bytes which won’t expand. Is that bakers dozen due to a lack of yeast? Do I have the wrong recipe? If you can understand me then perhaps you can help me with the right recipe. Much appreciated.

Edit: @clmtn Gave me a good ingredient to try. Managed to continue on cooking. Respect given.

Hi Guys,

Need a little nudge in escalation. So I am not very good with bf… however taking some hints from folks here… I have copied the rp file and tried to exploit in my machine. I am able to get syem add and sh*ll address. Using these two I am able to escalated privileges in my Ubuntu box… however when I am trying this on target box… it gives s******on err*r.

Please let me know if I can pm anyone…

Appreciate your help.

Nevermind! rooted it! good machine to learn new stuff :slight_smile:

Got user flag now looking to escalate out of www. I am pretty sure I found a binary target . I have an idea on what I think I need to do but never really done it before. Could someone please DM with some help/advice?

Type your comment> @kekra said:

@l30n said:
Yeah someone told me you can do everything on the machine as a www-data user? Can anyone verify that?

Yes - no escalation to another user required for rooting the box!

To everybody struggling with priv esc: I’d recommend again to search for videos on retired boxes that required the same type of BOF - and to practice with one of these boxes if you are VIP.
For me, those videos were the best and fairly self-contained ‘step-by-step’ tutorials for that method. If you rooted one of the old boxes, you should be able to use your old exploit script as a template!

Any recomendations of speciai machines/videos to learn :slight_smile: ? Thanks a lot

got the idk password and dirbusting the dirs and subdirs the hole day. Can someone give me please a hint about the location where I can use this?. Thanks

Im on the stage of getting root shell but cannot find the /bin/sh address. I have tried a script and other things but cannot get it. “Somebody! anybody! Help me!!” …please. Thanks

can someone help me with the second one decodation?
PM me please!!

This was my first machine ever, spent literally 15+ days to get the user and root.

Had to go through hundreds of docs, scripts & videos

Special thanks to ippsec, clmtn & mendedsiren63 :slight_smile:

Managed to root the box. Awesome priv esc, never did one like that. Thanks to @mendedsiren63 for helping out with awesome nudging without spoiling! :smiley:

Could someone PM me with some help with priv esc? I got it to work on my host VM but cant seem to get it to work on Frolic.

got user
going for root now

Hi, can someone help me on the ind…hp file ?

Finally got root, thanks to @ippsec videos
Learned so many things from this box

Also rooted the box. Return to libc is the technique that you need to learn. And for the first part just google the strange characters that you get and google will help you to find some strange progamming languages.

I’m stuck with the !?!! code. Can anyone PM me any hint.

edit