Swagshop

503 error occurs all the time today… you just can’t do much when the site is down! WTF is going on over there?

Hi guys, I’ve found the admin login page but can’t seem to find the credentials. I’ve found a config.php file but it’s just blank, and then every time I go to the homepage I’m getting a 503 error. Would anyone be able to help me and push me in the right direction please? Struggling to even get user! Thanks

@tomc5241 said:
Hi guys, I’ve found the admin login page but can’t seem to find the credentials. I’ve found a config.php file but it’s just blank, and then every time I go to the homepage I’m getting a 503 error. Would anyone be able to help me and push me in the right direction please? Struggling to even get user! Thanks

Google’s your best friend. In these scenarios I like to try “{name_of_platform} exploit” and get to scrolling. Maybe you’ll find something?

Also the 503s are plaguing us all. Happens when you’ve got a bunch of hackers hammering this thing. Just gotta wait… probably a reset on its way.

Finally rooted after far too long - to address some common issues people are having:

The reason everyone is 503-ing is that the site is being set to maintenance mode when people are playing with ‘Connect’. Uncheck the checkbox and it won’t happen.

Attempting to go the route outlined in Youtube Videos / Articles won’t work because the package isn’t accepted. Google [SERVICE]-tar-to-connect and use that to repackage.

Hope this helps!

I got access to the admin panel but am unable to get a reverse shell after that. Can anybody help me?
EDIT: Got reverse shell and user flag.
Any help for root?

EDIT: Finally Got root, Thanks to @env and @MrSquakie for your help.

If anyone needs any help you can ping me.

Thanks to @ch4p and the HTB Team for the great gift at the end of the box. I’ve been waiting for this for a long time!
The box is very easy and there are a lot of *.php files you can edit to get a shell.

Finally got root.

This box was incredibly easy after researching the webapp but was by far the most unstable box I’ve encountered on HTB.

hints for user:
don’t rely too much on scripts or pre-made exploits. There is one you will need to get the initial foothold, but to exploit the web app you can do it manually much more easily after researching/enumerating the app.

hints for root:
this command should be one of the first things you run in any privesc enumeration. The output is slightly different from the usual boxes that I’ve seen on htb and the key is to understand the difference.

Finally got user and root! Thanks to everyone that helped; unfortunately I admit that I’ve lost a lot of time in a rabbit hole trying to use an exploit that, as I understand, worked for some time but now it doesn’t.

Anyway, here are my two cents:

user.txt:

  • Don’t lose too much time with the exploits. There is one that is useful, and another that isn’t necessary and that you can substitute with any shell. Google will guide you in the hacking of this application; look well and you will find how to hack it. Google Fu!!!

root.txt

  • The easiest root ever so far. It’s basic basic basic enumeration, nothing difficult.

PM me if you need any help!

I’m always getting:
AttributeError: ‘NoneType’ object has no attribute ‘group’
Anybody getting the same error for 3***1.*y
I set the necessary settings in the exploit.

@mava said:
I’m always getting:
AttributeError: ‘NoneType’ object has no attribute ‘group’
Anybody getting the same error for 3***1.*y
I set the necessary settings in the exploit.

I wouldn’t go down that rabbit hole my friend. Maybe others got it to work but there are easier ways in.

Stop resetting ffs, I got logged into admin then the whole site crashed. It’s hard to do anything productive when it’s always crashing.

How do I get the full path to the application?

@pentesta961 said:

How do I get the full path to the application?

Enumeration is key for this

Finally rooted this ■■■■■■ thing.
Couple thoughts:

Nothing tickles my fancy quite like hacking an eCommerce site to earn the right to buy some swag. That just really does it for me. I bought everything.

However, the experience on this box was less than ideal. The prominent way in has the side effect of bringing it all down (503’s) and that just sucks. I believe there is a way (some of you noticed a special checkbox…) to stop the 503’s but not everyone reads the forums and is so conscious. There’s also a chance that some of the work may have been done for you already by other hackers, which spoils the fun in my opinion.

Definitely a couple rabbit holes, chased some exploits that just weren’t going to work.
The most difficult thing about this box is being able to do anything on it with all the chaos of resets and 503’s.

USER
Don’t get tunnel vision. (that’s a subtle hint). Don’t edit index.php (this ruins things for everyone else).

ROOT
Understand the syntax and realize that it’s being very prescriptive about what and how. (too vague…?)

DM me for clues!

Once you find the right tool to get a shell, it’s all cake from there.

Banged my head a bit to find out how to actually edit things, which I knew was possible via hints. Once you’re in (as admin), try using something that is “ribbed”.

@argot said:

Once you find the right tool to get a shell, it’s all cake from there.

Banged my head a bit to find out how to actually edit things, which I knew was possible via hints. Once you’re in (as admin), try using something that is “ribbed”.

I’ve already rooted the box, and have no idea what you mean lol

Stop editing index.php goddammit :angry:

can i get a PM for priv esc. ran enum scripts and see the obvious but hitting the wall on what the issue is. did some google-fu and learned a little bit more about what it means just still confused lol.

@publicist said:
Can someone PM me the package they are using in the admin panel? I have the original that was SUPER popular with this exploit and it isn’t packaged properly or I need help with it. I uploaded another one and can only create, copy, delete files…supposed to be able to upload but it’s not sho
@MrSquakie said:
@argot said:

Once you find the right tool to get a shell, it’s all cake from there.

Banged my head a bit to find out how to actually edit things, which I knew was possible via hints. Once you’re in (as admin), try using something that is “ribbed”.

I’ve already rooted the box, and have no idea what you mean lol

Condoms are ribbed sometimes lol

@joshkor40 said:

@publicist said:
Can someone PM me the package they are using in the admin panel? I have the original that was SUPER popular with this exploit and it isn’t packaged properly or I need help with it. I uploaded another one and can only create, copy, delete files…supposed to be able to upload but it’s not sho
@MrSquakie said:
@argot said:

Once you find the right tool to get a shell, it’s all cake from there.

Banged my head a bit to find out how to actually edit things, which I knew was possible via hints. Once you’re in (as admin), try using something that is “ribbed”.

I’ve already rooted the box, and have no idea what you mean lol

Condoms are ribbed sometimes lol

That’s the only thing I could think of lol, like is he saying use protection? Still doesn’t make sense lol