Ghoul

@MinatoTW what about the files in /tmp owned by root?

Edit: nevermind i’m an idiot - other people’s stuff - thanks for the reply though :slight_smile:

Those are fine.

@MinatoTW Starting to think this “File Upload” is just a troll… (once again, lol. Ran into 2 already). I hope to god I’m not wasting my time. Been stuck at this same part since it released yesterday and haven’t slept yet :dizzy:

+24 hour box !

Okay i understand the idea of try harding and thinking outside the box but isn’t this a bit extra ? There were 3 guesses (as far as i faced with) and what are those other su…s tbh ? Do we need bring 10 pieces of notes to solve a puzzle which doesn’t even work in the way they explained ? I got disappointed with this one compared to your other boxes…

Since everyone is stuck in a certain part just before root (ironically, the last steps are very clear, but AFAIK everyone is missing something in the middle) might as well give some user hints

  • Enumerate everything, and make sure you note down anything that sounds “suspicious” or different from what is supposed to be a wo*****ss site
  • If things aren’t working as you expect, as the saying goes, “if the mountain will not come to Mohammed, Mohammed will go to the mountain”
  • The box makers left lots of cryptic clues, some are useful and some are not, but make sure you note them all down

Type your comment> @mpeg said:

Since everyone is stuck in a certain part just before root (ironically, the last steps are very clear, but AFAIK everyone is missing something in the middle) might as well give some user hints

  • Enumerate everything, and make sure you note down anything that sounds “suspicious” or different from what is supposed to be a wo*****ss site
  • If things aren’t working as you expect, as the saying goes, “if the mountain will not come to Mohammed, Mohammed will go to the mountain”
  • The box makers left lots of cryptic clues, some are useful and some are not, but make sure you note them all down

It would be helpful if wpn actually recognized that it’s a wo**ss site, but it doesn’t…

So is the upload a rabbit hole?

Type your comment> @Glasgow said:

So is the upload a rabbit hole?

no the upload is not a rabbit hole I assure you I just championed the upload and have landed a shell

Now this is at the creator about your clue to ignore /var/tmp does the nsa or encryption have anything to do with this ?

is the se***.jpg a rabbit hole or needed to get to ka***_*dm ?

I am surprised I owned the user, but giving up with root for now, have to improve my skills on easier boxes :slight_smile:
User: take a ride down the slide
Very nice box till now :slight_smile:

Can we agree yet that this is the worst thought-out box in HTB, or should we wait a few more days for that?

Type your comment> @mpeg said:

Can we agree yet that this is the worst thought-out box in HTB, or should we wait a few more days for that?

For now I can agree on that, unless the root is really something special and clever…

EDIT: I’m an idiot.

I still believe that there is something wrong with the box. I think creators forgot to add something or something is not working in the way it’s supposed to and there are some pieces that doesn’t fit to anywhere. Such a waste of time .

Now you know nothing is missing. ^

@MinatoTW said:
Now you know nothing is missing. ^

Can confirm, nothing is missing ^^

Type your comment> @MinatoTW said:

Now you know nothing is missing. ^

So the box is a time-waster by design! Good to know.

Hello, found something that doesn’t work and why, but that’s all, used burp, nmap, owasp zap and nessus (<- know that here u don’t have to use it but nevermind I’m happy), anyone can send me a hint? Thanks

Hi,
i also found some useful sites. Should i guess user and password or should i brute force it?
I am thankful for a hint :slight_smile:
update: no need to brute force :slight_smile: you can guess the user and password. It is verry easy :wink: and sometimes i think i am stupid LoL

I’ve authenticated against both 8080 and /us/index.php but not sure where to go from here. Is it this kai.jpg?