Player

@ScreenSlav3r said:
Why is the server not compressing my file after uploading an avi file? It says no file selected.

Maybe it is looking for a format other than avi?

Rooted a days ago, but it’s a really great box, got root in two different ways :smiley:
Thanks to the creator :smile:

So I’ve read all the comments, enumerated vhosts, files (at least I think so), saw the error for a short time :), but still can’t figure out how to proceed.
I’m pretty sure I’m missing some piece of information to advance.
Will appreciate a nudge.
Please let me know if I can contact anyone for discussion.
Thank you

Rooted. And I’m still surprised that root part turned out to be much simpler than initial foothold and user parts. Took me about 2 weeks, and I cannot say why it happened so, but most likely because I was too lazy

Thanks

just did it, awesome setup, awesome line from enumeration all the way to root… I give it a 10/10 had fun… (minus the 4-5 hours I wasted trying to figure out why something was not working and turned out I just needed to reset because someone changed it…)

Finally rooted! Can I just say that this was an awesome box!?

Loved the recon stage and how you always had to come back to a place you’ve been before to retrieve the information found there to move on.

First of all I have to thank @MrR3boot for creating such a challenging box.

I’ve had so many knowledge gaps during the research of the box that it took me several discord chats and more than a week of research/frustration/little wins to actually complete the box.
As others pointed out the user part is much harder than root (although it took me some time and another chat to get to the right path for root as well)
As always I learned much more than actually was required to complete the box :slight_smile:

Thanks again @MrR3boot

Could anyone please give me a nudge on how to get the initial foothold? I’ve done the basic enums, found the vhosts etc., but I can’t find the door.

I would also like some guidance if possible, please?
Stuck at the uploading page.
I am bored with these videos.

Fucking Excellent box

I enjoyed the user more than root

My hints:

User: Enumerate a lot here and google every suspicious word. When you get hidden apps, first understand very well how it is working, don’t start hacking anything. Then, don’t try to escape from anything, just search for exploits (in the forum there are very nice hints).

Root: It is a combined escalation between a classic technique and vulnerable code.

@MrR3boot Thx for this box, it was amazing and very real.

Can anyone help me with root?

EDIT: Rooted! I kept complicating things for myself. DM me if you need help.
Also, big thanks to @MrR3boot for creating this masterpiece. I learnt a lot during this.

Rooted, it was a crazy box.
Really, user is harder than root.
Thank you for this box.

If someone can PM me for help with initial foothold that’d be great. Found an error and some vhosts but can’t figure out how to go any further.

Hi :slight_smile: If someone can PM me, just to see if my “enumeration process” is ok, I find some “interesting” files.

Rooted, CTF like in places. Once you get past the initial guessthebox it flows pretty nicely. I like how you’re constantly combining information in new ways to get new leads.

no more problems

Didn’t find anything, just /lau****. Is it related to j*t to get the next step?

Rooted, I like the user part, thnx @MrR3boot

hey I guess I’d like some nudges, anyone please?

Because @YanTayga mentioned being stuck because of a wrong wordlist, I wonder how many vhosts there are? I found 3 (apart from root): d**, st*****, c***. Is that enough or should I go for a better one (did the top1mill-110000)?

Found 3 php files at /l*******/, none seem too helpful (their name seemed randomized yet only one char differed between the 2 I found manually so I fuzzed that changing char and found a third)
One of them says not re***** *** and the countdown is client-side on the main page so I doubt freaking around that would make a difference server-side

Found 2 different s** servs, one considerably older than the other (maybe vulnerable? Didn’t find anything useful yet tho)

That’s where I’m at, any nudges/ideas/helps welcome here or PM too, thanks in advance

Found creds for I*** which worked for a high port *** service. Found it’s only used for p***-f********. Couldn’t get in to I*** though (co******* re*****) even with both po*** r*********. Found creds for MS** and got into the . Found nothing interesting but can write stuff that gets printed on st*../up.*** but since it’s ec**** cannot run any commands, not even a simple ec**.

Stuck atm and going crazy, I cannot access I***, please nudge here / PM, thank you