Vault

Can someone please help me out with that o*** file? I am stuck at this point for two days. Most of the time the page just loads infinitely…

edit: nvm, finally got the root flag. not sure how to get a root shell, though

The finishing touches on this box were wonderful, finally using a thing discovered a long time earlier. I learned several new concepts, big props to @nol0gz for putting together such a great box.

Hello People! Please could someone help me with RCE . I have file upload but need a nudge. I can see my upload but wondering if the file I created was correct and if my cmd’s are correct. Thanks

can someone PM moving from D** to V already root at D** can’t see anything useful under logs
[EDITED]
Rooted; Cheers!! for the hints and the creator for a nice box really learned a ton this weekend.

deleted misleading comment

need assitance :slight_smile:
i’ve got credentials, and i can to ssh as d into 10.10.10.109 but everything else failed, I can’t make o…n to call back, credentials are not working at s… services running at 5… ports, gp… files shows me nothing.
so, any directions are appreciated. thanks.

@portos060474 have you tried to check if it was successfully updated 1**.o**n with what you intended.

Type your comment> @c0b4l7 said:

@portos060474 have you tried to check if it was successfully updated 1**.o**n with what you intended.

negative. thanks!

Type your comment> @portos060474 said:

Type your comment> @c0b4l7 said:

@portos060474 have you tried to check if it was successfully updated 1**.o**n with what you intended.

negative. thanks!

I need to reset the box since it didn’t work at first;if your having trouble updating just do a reset and you will be set.

I need to reset the box since it didn’t work at first;if your having trouble updating just do a reset and you will be set.

nope, i’ve got root already.

Really great box !! Loved the second part.
PM if you need help

I have got the upload page.I have tried many bypass techniques but all have failed. Any hint will be appreciated.

@Master123 there are quite a few tutorials on those techniques and most of them show exactly how you can bypass this upload restriction. It’s nothing too fancy. Also, take a close look at the upload page. It should give you a hint on which file extensions could be allowed.

Another deleted misleading comment, feel so uneducated…

@cortex42 Thank you for your help. I bypassed it successfully.

Aw man totally awesome box! Learned so enormously much. My hat off to the creators!

lovely box. i really enjoyed it. congrats!

Vault is one of the interesting machines on the platform.
A lot of resets indicates that many hackers are interested to catch it while it still works. Comon guys! It’s worth it!

Really enjoyed this box so far, learnt loads! I’m somewhat stuck trying to get from D** to V****. Having explored the box, I think I know the address I need, but struggling on the approach. If someone could PM me and nudge me along that’d be ace, banging my head against this here!

Type your comment> @kulverstukas said:

@Baikuya said:
Am i the only one around here who stucks at the .-o**n website and is unable to get a callback to nc ? Like really, I am doing this for hours now and I am quite sure I know what to do but I never get a callback to my nc.
Is there a hidden ninja technique or am I supposed to sacrifice a cow ?

stuck on the same problem…can’t get a reverse shell through o***n. need a hint in the right direction.

EDIT: Got root on DNS

Can you give me a hint ?