Jarvis

@FlompyDoo said:
Do you need to send an email?

No. You don’t need to send any emails.

@FlompyDoo said:

Do you need to send an email?

No email is needed to get the user. At least the way I went.

I have initial foothold and I am lost how to upgrade to the other user, pointer please.

@p0wn3y said:

I have initial foothold and I am lost how to upgrade to the other user, pointer please.

What is your normal process to privesc? This box has a wrinkle, but the tools people typically use to figure out how to privesc will point you in the right direction.

@JepFrenzel said:

I found the p**n page and the r.php?= page which both seem relevant, but I can’t figure out what to do. Can someone point me in the right direction? I’m pretty much a noob.

I’d suggest reviewing ippsec videos. You’ve found a few pretty interesting things. If you don’t know how to get farther, you’ll learn a lot from just watching those videos.

Rooted.

So I guess there are numerous ways to skin this cat after conversing with some of the pros. Which is cool.

I’m sure @ippsec will cover them on his video haha.

User: Enumeration, then confirm the vulnerability manually. Then you can wreak havoc with a known tool.

Root: The standard enumeration scripts should allow for this one to jump out. Stick to the basics.

Could use a nudge on an initial foothold. I’m thinking it’s something with the high port, but not sure.

@AjackX said:

Could use a nudge on an initial foothold. I’m thinking it’s something with the high port, but not sure.

It is. Had to look more into it, but the high port is basically how the ban works, so the fact that it appears banned is just a side effect of the fact that when you’re banned you just get sent there instead.

God if people can stop hosing this box, that would be great… ?

I need a hint for root. Is s******tl the right path?

@TrimechAd said:

I need a hint for root. Is s******tl the right path?

Yes

I guess I’m banned. Is this common? I know the next step but oh well… have to wait for the next cycle.

Rooted. <3 ww****a to root was fun

I need a hint, please DM me, still dunno where to start :dizzy:

Already in through another path, but how did you guys find the files?
Bruteforcing with directory medium and all the indicated extensions didn’t get me anything.

@Uvemode said:

Already in through another path, but how did you guys find the files?
Bruteforcing with directory medium and all the indicated extensions didn’t get me anything.

No need to brute force anything. Should be right in front of you to get your first shell.

Rooted. DM for hints.

Finally got a shell as www-data, are we meant to go straight to root or get into the users account first? Nothing has stood out so far.

Also, anyone able to pm about the high port? Still confused about it

@farbs said:

@Uvemode said:

Already in through another path, but how did you guys find the files?
Bruteforcing with directory medium and all the indicated extensions didn’t get me anything.

No need to brute force anything. Should be right in front of you to get your first shell.

I’m already in, I know which file I was supposed to find. With bruteforcing I mean directory listing, gobuster etc., but my wordlists didn’t find them, so I had to get in through another path. Which wordlists did you guys use?

Spoiler Removed