Jarvis

Type your comment> @salute101 said:

any hint from www-*** to per via s**.py?

Look at what the script does, all its different options and then look at what it does and how you can manipulate it to get it to do what you want.

I can not for the life of me find out what to do with s******.py not really well versed in python any nudges or just subtle tips would be appreciated

My advice to any one struggling with the PY is there is a guide already listed which will help you. DO NOT speed read it. read it properly and you will understand what you need to do

Type your comment> @trentxsweat said:

I can not for the life of me find out what to do with s******.py not really well versed in python any nudges or just subtle tips would be appreciated

Also struggled a bit, all the necessary tips are already in this thread.

rooted . nc machine though.

got root, thanks all for help.

Have a r****** shell for www-data. Do not have permissions to user.txt.

Have stumbled across s******.py but not sure what i need to do next.

PM me

i am quite stuck on the point of the first priv esc… i get a shell as the user i want but the shell dies after a while… any hints how to make it persistent?
PMs are welcome of course.

What a wild ride that was! Absolutely loved it, I feel like I’ve genuinely learnt something from this box.
Many thanks for some of the pointers here, and the creators for producing this.

It looks like I am in need of a pretty in depth description of how to actually exploit s******.p* . This is the first time I have attempted an exploit like this and I am anxious to learn. PM me !

THanks all !

ROOTED

Great box, really liked it.

USER: if you use a tool for enumeration take it to the next level, and not every room is the same.

ROOT: if you enumerate everything it will pop up, just make sure you’ve got a good visual :wink:

@ab3lson said:
Can I get a hint on how to escape the p**g command without using the forbidden characters?

sometimes you can give those characters a call :wink:

I cannot figure out what commands are use to by bypass the script to get to user. googled everything in this thread. Nothing is jumping out to me. Please DM me for help. Thanks!

Earlier I was able to use s********y to read user, but now all my commands seem to be running as www-****?

Rooted. Good box. If anyone touched the low-port service I’d be interested to know how, so if you could PM me that would be great. If anyone needs extra nudges, PM me.

So I know I have seen a lot on here that people’s hint for root is just basic enumeration, however I am still very new and everything I have tried so far has not worked. If someone could give me a nudge as to maybe some enumeration tools I should be using that would be greatly appreciated!

So I am in as p*****r user but I have not been able to get user.txt to open any hints

I think someone deleted the user.txt…

Hi guys, I managed to get user, working on root right now.
I wanted to know if anyone else apart from me experienced issues trying to work out the *.php?=… part. I dunno why but on the browser was working okay but trying it on burpsuite I’d only get 400 bad request response, let me know if you got the same problem.

Rooted, shells within shells within shells… GTFObins was a lifesaver.