Craft

removed after reading previous comments and realising it could be a spoiler

hehehe, rooted, was my first day seeing V****. Took me about 2 hours of documentation to finally hit the correct syntax.

User: there are some misguiding stuff in this forum I believe. what is too close to your eyes might not be the way In. and for the code part, you really have to look around, past,present and future.
for jailers, get In, get out, and get back in :slight_smile:

Root: is right there but you have to learn about what and where are the juicy stuff at and what can I do.

& as usual my door is open for help :slight_smile:

Got root. =D
Amazing machine!

Root: Look the all the code with the second user and read the site documentation about v***t this will give you root. =D

finally rooted ! it really was an amazing box, it felt really realist and i learned a lot of things! thanks to @adelmatrash and @felixgmathew for their help

I was able to validate a t***n, however, I’ve yet to find a way to use the **I maliciously. I would really appreciate a nudge via PM.

This was a really fun box, very fun and straightforward once you find what you’re looking for.

Shoot me a message if you need a nudge for root.

What a great box!
It’s mine 9th but the best I’ve seen yet

Thanks to @Itri3d for history reference at the beginning! Feel myself stupid at this moment

So user was good, interesting and very logical. I’ve stuck for a few hours to sleep and code wget handler finally (thought about that few last machines already) and root was fast and pretty easy, you just need some manuals and use all the information you’ve collected

Many thanks to @rotarydrone for this puzzle

guys , i am in the right place , yesterday i got shell from a*v rce and all thing was ok , today its give me 500 internal server error !! WTF is that ! i check my req many times

any help !?

ROOOTED!

User has been fun!

Root… To much Docs… But basically you know what to do, just needs to learn it.

If you need help PM me :slight_smile:

funny box, it is not so common.

PM me if you need some hint.

Rooted. PM me if you need a hint.

Rooted. User was fun. Although Root is a bit simple, I learned about v***t.
Thank you @rotarydrone for this real machine. It deserve to become one of OSCP labs. Also thank you @odinshell for your nudge.

Very fun machine! Very realistic in every way. I think this might be my favorite :slight_smile: Very good job @rotarydrone !

Definitely one of my favourite machines so far, this one really forces you to understand all the pieces of the web-app it is running in order to get user.

Hints I think may be useful:

User - if you’re struggling to get a proper shell back, it’s always a good idea to match the language you use for your shell, with the language that has the RCE …

Root - There is an application that should stand out by this point - some research about how it is used on this box, and you should get root.

When I want update or create in sw*r with the tn generated I have an error.: invalid or not found. does anyone help me?

Think I have my rce spot but can’t figure out how to get it to run/escape correctly. Any nudges?

Rooted! PM me if you need help :slight_smile:

hello guys , i need some help on this box for the foothold enumeration, the api its not working , i don’t know if its a issue , i conf in my etc/hosts but i dont know its not loading…any hint shall be appreciate , thank you

.
kudos @rotarydrone

@algorithm

You are on the right track, keep at it. I suggest adding all of what you enumerate into the hosts file. Beyond that, I am stuck at trying to make v***t work.

If respect is earned, respect is given.