I completed this box. If you need a hint, feel free to message me and include where you are, what you’ve tried, and what you’re thinking is up next and I’ll do my best to nudge you.
Got user via RCE, but can’t for the life of me get a reverse shell… I think I know what to do for root, but without that shell I can’t execute it.
Anyone around who can give me a hint?
EDIT: Got a reverse shell, now for root
EDIT2: Root done!
EDIT3: Naturally, you can PM me if you need any help!
Why the heck cant i use the exploit again to get admin account? worked last night now when i try again it works but it says wrong creds when i try log in?
I am getting exactly the same thing today. was working fine yesterday even after resets and no luck today!
Why the heck cant i use the exploit again to get admin account? worked last night now when i try again it works but it says wrong creds when i try log in?
I am getting exactly the same thing today. was working fine yesterday even after resets and no luck today!
yeah mate , i switched from VIP to free server and the free server it worked… wow lol
but the free server the website keeps getting 503 error paged ALL the time its so frustrating man
Ok, I’ve encountered alot of error 503s while I’ve been attempting this box. As I’m a noob could someone explain to me what might cause that error so that I can make sure that I am not part of that problem?
i literally can not do a single thing on this box because everytime i find something or get close it gives me a 503 and then i have to wait a couple min before i can even do anything this is so annoying
Just ridiculous at this point tbh… Its more of a race and who can execute the reverse shell first rather than hack the stupid box man im actually raging, been at this for HOURS man and all i see is 503 loool only had the reverse shell once cos every time after it gets ■■■■■■ bricked the website… VIP server doesnt even work on this box ■■■■
Rooted! The 503s and 404s has been a tough challenge! This is my 3rd box and learned something from it. As opposed to those people who said that nothing can be learned from this, I can say that this is a good practice for beginners.
Thanks @ch4p for this box! Thanks @mpzz and @SN01 for the small nudges.
I am not sure how most of you did it because I can only see MY “special” order to get initial shell. If anyone has time to spare, I’d like to compare my steps to yours.
PM me if anyone needs a little push to the right direction.
@UIDEQUALSZERO said:
is anyone getting the following error with one of their exploits today?
tunnel = tunnel.group(1)
AttributeError: ‘NoneType’ object has no attribute ‘group’
It was working fine for me yesterday and I changed the parameter accordingly, PM me
The only exploit i used didn’t require a lot of change, maybe like a few chars. But to answer the question nah i just tried it again and it worked. Might be the wrong version if it’s the exploit i’m thinking of