Ghoul

Thanks @lfabname, glad you’re enjoying it! And don’t forget egre55, it wasn’t possible without him. :wink:

please help me with this machine can’t find the uploaded file path

Type your comment> @manitorpotterk said:

please help me with this machine can’t find the uploaded file path
hint for anyone doing this box:
Check the services, find out what are their defaults. On initial step try to put your own data there. When you get inside, check the settings of all exposed services – all of them where configured more or less.

Rooted; took me 3 weeks of off-again on-again attempts. Thanks to @ChiefAG for all the nudges.

I don’t even have a good hint to post for anyone struggling. Sorry, this box is certainly mind-bending.

It wasn’t that insane. If you enjoy pivoting then it’s fine.
The creds being massively buried in a very weird and non-human way was the maximumly heavy lift here. That erased a day. Or two, or nine.
But yea we should have a badge and it should have been a SICK looking badge.

Good luck people of earth.

pps-
Just googled maximumly. It’s a word.
Deal with it.

Need help finding where my files are uploaded.

Can anyone chuck me a nudge for user please I have user access as N*** and have a www***** shell not sure where to go from here.

I have been going at this box for a long time now and I have finally gotten so stuck I don’t know where to go next. I could really use a nudge. I have rooted G*** and gotten the a****-***.7z.

EDIT: I found the interesting stuff in a****-.7z and escalated but now I think I’m one step away and don’t know how to exploit k**_adm.

EDIT 2: nm, rooted.

ok, So i have the user flag, can someone help me with the root flag, I am not sure how to enumerate the box, I get i have to pivot out of the environment but unsure how to do so. any help would be appreciated :slight_smile:

can someone give me a hint on the zip vuln

got user, working on root now :smile:

Finally rooted the box. This box was pain in the ■■■. Also my thanks to @v1p3r0u5.

who can help me ?

@xlxlxltt said:
who can help me ?

I am a novice scanner port to 8080 page password how to crack

Anyone around to help with root on g** running an rce but stuck as to next move, please help ?

Anyone available to help with RCE on G***? I can’t seem to get the privesc to work? the script i am using runs fine with no errors but it has limited documentation and not quite sure what I need to look out for!

EDIT: i have rooted G+++ found some interesting bits in the .7z file but unsure where to go from here. any pointers?

You’ve done well to come upto here human. But what you seek doesn’t lie here. The journey isn’t over yet…

Is this box trolling me or what? where the ■■■■ is this ■■■■■■ root flag?!

someone save me please…

It’s Over! Rooted!

Thank you @xcoder and @v1p3r0u5

Finally rooted.
A very long journey for this one.
Thank you @xcoder and @Dreadless