Craft

Rooted! A good box a big shout out for the people who helped me thank you so much guys. If anybody wants help feel free to PM :slight_smile:

nothing resolves lol … edited hosts, still nothing…

Type your comment> @dr0ctag0n said:

dirb works for me, maybe you’re not using the right protocol/port?

Took a while seems to be fine now, it wasn’t even getting a ping. Protocol and ports set now to get the initial foothold, nudges always welcome :slight_smile:

rooted, thanks @Tohzzicklao
PM if you;re stuck

Hey guys, could someone give me a nudge? I found a s** service running in a weird place and some pages that don’t resolve. Tried digging but pooled out an empty shovel :slight_smile:

Thanks to @naveen1729 for helping me out of the rabbit hole

Nice box :slight_smile:

User

It is necessary to see what the developers have changed in the code of the application, it is possible to see something interesting. The part of the RCE is to see how to take advantage of the language and the part of getting out of jail was complicated, sometimes one relies on any script that is in the machine when you can modify it and see if it is returning what it should.

Root

The part of the root is simple, just copy and paste a part of “that” and get what you want according to the documentation

rooted … very good box

rooted, If someone needs a nudge, pm with what you did and where you stuck exactly

Wow, I really like this box! Even though I needed nudges as I was overseeing the obvious things and began overcomplicating things and then followed the rabbit… ?

Wondering if v***t is a r-hole

Are the links supposed to resolve? I’m not getting anywhere on my foothold, here.

Edited to remove spoiler

Spoiler Removed

any nudge (apart from the Python one;)) will be appreciated.

are you guys using any tool for the initial foothold?

When i try to enumerate the tables i run command “show tables” but there is only one table “brew”

Type your comment> @conan said:

When i try to enumerate the tables i run command “show tables” but there is only one table “brew”

I saw another one too u***

@igaralf said:
are you guys using any tool for the initial foothold?

Just the source code for the vhosts and manual explore the present and the past :slight_smile:

and finally…

Last login: Mon Jul 22 07:53:36 2019 from 10.10.10.110
root@craft:~# id
uid=0(root) gid=0(root) groups=0(root)

Type your comment> @conan said:

When i try to enumerate the tables i run command “show tables” but there is only one table “brew”

Read through the lines. How is it fetching the rows, can you make this differently?

Edit: Should save my advice for when I’ve actually finished it, sorry!