Unattended

Rooted the box …!!! It’s insane …

I suspect that we have to do nested queries to get what we want, can anybody PM me to make sure I’m on the right track?

@hfernandes said:

I suspect that we have to do nested queries to get what we want, can anybody PM me to make sure I’m on the right track?

Finally LFI, moving on to RCE

Can I have a nudge from w**-d*** to user please?

Could someone help me please? I can’t seem to figure this out.

Having issues with RCE, can get basic commands working and others seem to crash the box. Anyone can help?

Got www-****, anyone can gimme a nudge for user?

@vGsec said:

Having issues with RCE, can get basic commands working and others seem to crash the box. Anyone can help?

I have the same problem, when I tried to execute what I hoped would give me a shell, the box would freeze and I had to reset it, which I can do only 3 times a day and somehow having to reset this many times makes me wonder whether the approach is viable.
Is l** p******** a valid approach or am I wasting my (and others’) time? I’m trying alternative approaches but no luck so far.

@wawrzeniec said:

@vGsec said:

Having issues with RCE, can get basic commands working and others seem to crash the box. Anyone can help?

I have the same problem, when I tried to execute what I hoped would give me a shell, the box would freeze and I had to reset it, which I can do only 3 times a day and somehow having to reset this many times makes me wonder whether the approach is viable.
Is l** p******** a valid approach or am I wasting my (and others’) time? I’m trying alternative approaches but no luck so far.

DM’d you

Hint for those who have got the first shell: you can use nohup to detach a second shell and then exit the first one; this will make the webserver responsive again and diminish the chances that someone resets the machine.
Edit: you need to kill the first shell as well, I forgot to mention.

Hello all! I need a bit of help with www-****, please PM me if you don’t mind, I will write what I have and my conclusions for that, thanks.

Hey guys, I found 3 very interesting pages that tell a really interesting story :slight_smile: Dirbusting seems to be useless imho, could someone just help with avoiding rabbit holes and nudge me a little towards the right path?

I’m really at a loss with the escalation to user, if anyone would care to send me a hint that would be greatly appreciated. I’ve seen and looked into all of the hints & suggestions that I found in this thread and that I could make sense of, but I am still failing to put it together. Thanks

Hope I could get a nudge in the right direction for the RCE/LFI. Dumped everything useful via s**, found some interesting status/moved pages, and enumerated all hash-related paths/files I could find publicly.

I’m with TheCardDealer here - I’m as far as having dumped cfg info from s** and have info regarding ftp and things - But I have no idea what to do, can’t seem to create a shell, can’t read files, can’t list files, can’t write files :frowning:

If anyone still looks at this thread a PM would be great.

@lolowhat said:

I’m with TheCardDealer here - I’m as far as having dumped cfg info from s** and have info regarding ftp and things - But I have no idea what to do, can’t seem to create a shell, can’t read files, can’t list files, can’t write files :frowning:

If anyone still looks at this thread a PM would be great.

I am in the exact same position. For anyone that wants to offer some assistance, please PM me.

I love how slow the b*d si is, it has a certain sorta almost masochistic property to it… Same feeling as when I die in deadcell and wanna throw my switch out from the highest tree in the woods : P
*compared to most of the machines I have been dealing with so far, which don’t have much of a waiting element to them, besides if it’s waiting for cron to run or a process thing to execute.

Took a while but I finally got it… User was way harder than root in my opinion. Small hint: don’t forget to think “why do I need to become this user before going to the next?”, check what privileges your current user has that the previous didn’t.

Feel free to PM if you’re absolutely stuck and I’ll try to give hints without spoiling much, but I do think that most of this box you need to figure out on your own…

I loved the box, thanks! User is straightforward but very elegant, root is like “oh… wait… no, come on… really? that was it?!”, although I got confused for a while with another service running on the machine. Very nice machine, I don’t understand the dislikes.

Ladies and Gentlemen, I believe I have met the Hardest Box yet LOL. This thing is a monster. Learning BoF was easier ■■■■ Well done creator, you are a Wizard! Any in-depth assistance on scoring ANY type of shell is greatly welcomed. Thanks, NO COMPLAINTS HERE, just WOW this is tough!
