Jarvis

I dont think it actually blocks you, My scripts are running fine. I can still get to pages after.

Have a idea its just what to do in it.

Very straight forward box. Really liked that no guess work was involved!

Spoiler Removed

the ban system is so broken…

Managed to find what I need to get a web shell I think… Anyone willing to provide a slight nudge for syntax? I’m struggling a bit lol

Edit: Never mind. Simple and straightforward.

Yeah if someone could tell me root passwd that’d be nice

do we need guessing password ?

Type your comment> @TrimechAd said:

do we need guessing password ?

Não

Nevermind. Got it.

Can i get a nudge? i’ve been stuck at the same log in portal for half an hour

A really nice box. Had never thought about the route to root even being a thing.

Type your comment> @innerHTML said:

A really nice box. Had never thought about the route to root even being a thing.

@innerHTML could you give me a hint on where to go

I’d like a hint on privesc too, got user fast, but completely lost on privilege escalation

Rooted. Started at the same time when it was released. I was stuck at initial foothold, though knew what the AV is. In 30 mins, the notification popped up that 1st blood was “spilled”. Came back in few hours, got a low-level user shell. Then spent another good few hours to find a root way. I hope, I made it in intended way because something suspicious popped up in my enum.

Though this root privesc requires a sacrifice of something unless attackers rollback to initial statue, so the reset is preferrable for this box.

got stuck on http , any hints?

nice one

is that sis thing rabbit hole for privesc? :confused:

Type your comment> @mpzz said:

is that sis thing rabbit hole for privesc? :confused:

My bad. That was not a rabbit hole. Got root :slight_smile:

So is there really an lfi here?Because I was suspecting the same thing