It wasn’t as bad as some people are making it out to be.
Reminds you that enumeration is always important. Keep good notes of you might miss something. And as always, we careful when you copy paste things :)… I was hurting myself for failure to copy something correctly.
Overall decent box.
Hints: Every port should be used on this one. Thorough enumeration.
This box isn’t very CTF at all. Everything you need is there and can be found with ease using common enumeration techniques - there is literally nothing you have to guess. I thought the path to shell access was nice, but would have liked to see a bit more done with root.
I wasted hours trying to find the the second to last login screen. If you have found the mother load of credentials and have not yet found the right place to put them, then make sure you scan port 80 using dirb NOT gobuster. The common list will do.
Do you know why gobuster doesn’t work? I found out I could use dirsearch.py also.
Also anyone able to help me with some type of resource for the n***.j* page? Can’t find anything.
Rooted! Felt like I was doing a CTF again, Learnt some new stuff, so I can’t complain.
Any tips on how to come across the token? I know how to use it once I get it since it is similar to another box that’s active, but I only have the txt file which I guess is a reference to some anime.