Craft

Definitely one of my favourite machines so far, this one really forces you to understand all the pieces of the web-app it is running in order to get user.

Hints I think may be useful:

User - if you’re struggling to get a proper shell back, it’s always a good idea to match the language you use for your shell, with the language that has the RCE …

Root - There is an application that should stand out by this point - some research about how it is used on this box, and you should get root.

When I want update or create in sw*r with the tn generated I have an error.: invalid or not found. does anyone help me?

Think I have my rce spot but can’t figure out how to get it to run/escape correctly. Any nudges?

Rooted! PM me if you need help :slight_smile:

hello guys , i need some help on this box for the foothold enumeration, the api its not working , i don’t know if its a issue , i conf in my etc/hosts but i dont know its not loading…any hint shall be appreciate , thank you

.
kudos @rotarydrone

@algorithm

You are on the right track, keep at it. I suggest adding all of what you enumerate into the hosts file. Beyond that, I am stuck at trying to make v***t work.

If respect is earned, respect is given.

Rooted. Fun box for sure!! As noted, root wasn’t super hard but not completely impractical. Happy to help if anyone needs a nudge.

ROOTED! Pretty cool box!

If anyone needs help ping me

Really fun user and root!

Trying to use curl with T***N and I am getting this response

{
“message”: “The browser (or proxy) sent a request that this server could not understand.”
}

Honestly, I’m not sure how to get around this. I have tried multiple ways. Can I get some help please? A PM would work!

Heya,

I’ve got the creds and can generate a t**** and I see the e*** function but I’m having trouble exploiting it.

Any nudges would be appreciated.

edit: After messing around with p***** a lot I managed to get a reverse shell.

edit2: And rooted, thank you @TigaxMT for the assistance.

Could someone PM-me some recommendations on how to make the links in the top right corner (eg: https://api.craft.htb/api/) to properly resolve? I always get blocked by annoying sh*t like this which I know must be trivial but never did before…

Got it. Great box, you’ll learn plenty. Thanks @1337mn.

Hi guys can someone give me some help plese, Im stuck with the Rev shell

Type your comment> @TurinGiants said:

Trying to use curl with T***N and I am getting this response

{
“message”: “The browser (or proxy) sent a request that this server could not understand.”
}

Honestly, I’m not sure how to get around this. I have tried multiple ways. Can I get some help please? A PM would work!

I was having the same issue and noticed I was typing the quotes(’ ’ and " ") wrong… check that

If anyone is getting stuck after RCE and interacting with db (before getting user), and you’re using commands with * to enumerate but getting single responses, try commands that select things 1 at a time.

Thoroughly enjoyed this realistic box! I see most of the hints needed are already given in this thread, but I’ll leave a small hint for breaking out of the jail:

  • There are a few things you should never commit.

Feel free to PM for hints/nudges.

Made a bit of progress but getting stuck at e*** . :confused: Anyone got any tips?

Type your comment> @clubby789 said:

Made a bit of progress but getting stuck at e*** . :confused: Anyone got any tips?

Try running that portion on your machine so you get useful output