Jarvis

Spoiler Removed

the ban system is so broken…

Managed to find what I need to get a web shell I think… Anyone willing to provide a slight nudge for syntax? I’m struggling a bit lol

Edit: Never mind. Simple and straightforward.

Yeah if someone could tell me root passwd that’d be nice

do we need guessing password ?

Type your comment> @TrimechAd said:

do we need guessing password ?

Não

Nevermind. Got it.

Can i get a nudge? i’ve been stuck at the same log in portal for half an hour

A really nice box. Had never thought about the route to root even being a thing.

Type your comment> @innerHTML said:

A really nice box. Had never thought about the route to root even being a thing.

@innerHTML could you give me a hint on where to go

I’d like a hint on privesc too, got user fast, but completely lost on privilege escalation

Rooted. Started at the same time when it was released. I was stuck at initial foothold, though knew what the AV is. In 30 mins, the notification popped up that 1st blood was “spilled”. Came back in few hours, got a low-level user shell. Then spent another good few hours to find a root way. I hope, I made it in intended way because something suspicious popped up in my enum.

Though this root privesc requires a sacrifice of something unless attackers rollback to initial statue, so the reset is preferrable for this box.

got stuck on http , any hints?

nice one

is that sis thing rabbit hole for privesc? :confused:

Type your comment> @mpzz said:

is that sis thing rabbit hole for privesc? :confused:

My bad. That was not a rabbit hole. Got root :slight_smile:

So is there really an lfi here?Because I was suspecting the same thing

Type your comment> @m00nr4c00n said:

Im so bad at privesc… got LFI working, got RCE working… but fk me! im just www-data.

How did you got LFI working.? I tried. I got request canceled.

.

Spoiler Removed