Swagshop

i got user but I’m struggling with getting root any hints would be nice

Rooted! The 503s and 404s has been a tough challenge! This is my 3rd box and learned something from it. As opposed to those people who said that nothing can be learned from this, I can say that this is a good practice for beginners.

Thanks @ch4p for this box! Thanks @mpzz and @SN01 for the small nudges.

I am not sure how most of you did it because I can only see MY “special” order to get initial shell. If anyone has time to spare, I’d like to compare my steps to yours.

PM me if anyone needs a little push to the right direction.

is anyone getting the following error with one of their exploits today?

tunnel = tunnel.group(1)
AttributeError: ‘NoneType’ object has no attribute ‘group’

It was working fine for me yesterday and I changed the parameter accordingly, PM me

Type your comment> @sornram9254 said:

Stuck in 503 many times. ?
Please exploit carefully. ?

I’ve come to find that’s actually supposed to happen :wink:

@UIDEQUALSZERO said:
is anyone getting the following error with one of their exploits today?

tunnel = tunnel.group(1)
AttributeError: ‘NoneType’ object has no attribute ‘group’

It was working fine for me yesterday and I changed the parameter accordingly, PM me

The only exploit i used didn’t require a lot of change, maybe like a few chars. But to answer the question nah i just tried it again and it worked. Might be the wrong version if it’s the exploit i’m thinking of

got root and thanks for those who helped me…pm for hint…

My first root!!! thanks @marine

ROOTED !!

Thanks @marine for the help…
PM me for hints…

Type your comment> @Tepidangler said:

Type your comment> @sornram9254 said:

Stuck in 503 many times. ?
Please exploit carefully. ?

I’ve come to find that’s actually supposed to happen :wink:

This is misleading, you can root this box without causing a 503.

Type your comment> @UIDEQUALSZERO said:

is anyone getting the following error with one of their exploits today?

tunnel = tunnel.group(1)
AttributeError: ‘NoneType’ object has no attribute ‘group’

It was working fine for me yesterday and I changed the parameter accordingly, PM me

Same here bro!

This is my first box. I proceeded to some enumeration regarding ports/services and started tinkering with the website. Found a couple of folders/files which seem interesting but I’m basically stuck. If anyone can PM me with some hints it’d be really appreciated.

I’m having issues finding where I should upload my shell, I see that I can upload M*****o extensions in the downloader page but I’m missing a piece of the puzzle. Could someone PM me a hint?

Edit: rooted. PM me if you need a nudge. @ch4p the service unavailable errors were a pain but imo it demonstrates why knowing what your exploits do is crucial. Overall a fantastic box!

Finally rooted ! Thanks a lot @azasdf74M for all the help …and thanks @ch4p for the box…

And rooted ! If you need help PM me

any way of getting around the 503 errors know what the exploit is to get an initial shell but errors getting in my way arrrgh…

Can someone help me with priv esc? i know what i am supposed to do but i keep getting prompted for the user password when running s*** v* and i shouldnt be

@badman89 said:
any way of getting around the 503 errors know what the exploit is to get an initial shell but errors getting in my way arrrgh…

If you already have your initial shell, create a loop to delete the maintenance.flag file from swagshop’s web root directory while you work on your privesc. That would give you peace until someone decides to reset the box. (hint: the 503s won’t matter anymore once you have your initial shell. Actually it still matter because other users would reset the box when they cannot get into the Admin Panel.)

Some people are uploading their shells in a way that would cause M****** to be put in maintenance mode. Some are editing the index.php file.

If your research tells you to edit the index.php file, please move on and look for another way. It would save you and other people from the hassle.

ok cheers @Thomasian , seems to be ok now ive moved server! any hint on where to get the file i need to upload have one but says connect error unsupported resource type

Type your comment> @p0wn3y said:

Can someone help me with priv esc? i know what i am supposed to do but i keep getting prompted for the user password when running s*** v* and i shouldnt be

Are you authorized to run the binary as root anywhere?

@badman89 said:
ok cheers @Thomasian , seems to be ok now ive moved server! any hint on where to get the file i need to upload have one but says connect error unsupported resource type

Uploading through M****** Con**** might put it into maintenance mode. I did not upload my shell there. I am not saying you can’t do it there but there is an easier way to upload you shell without creating your own extension package file for your shell.