spoiler
Rooted. Learned few interesting things out of this one.
why machine slow, plz donât do brute force attack on the machine no need for it, its straight forward machine.
Ok. Rooted. But can someone explain me why script line
e**o $**r=$*
EXECUTING command included in $*?
i will appreciate some explanation on DM. I dont like rooting machines without fully understanding what happens.
Thanks in advance
@DeDeReporter said:
spoiler
You mean my post?
Type your comment> @rheaalleen said:
@DeDeReporter said:
spoiler
You mean my post?
No no, I just edited my post, which I think was a little bit too spoiler(ously?)
Your post is actually great among a lot of âtry harderâ
to get the shell i post it through curl, but nothing happens.
any good hints
deleted
Finally rooted! Thanks for those who helped me.
One thing to say⌠try harder! ?
Am I the only one who gets disconnected from the machine immediately? Just when I obtain the shell it disconnects. Frustrating.
@ibrahim95 said:
Am I the only one who gets disconnected from the machine immediately? Just when I obtain the shell it disconnects. Frustrating.
I think thatâs a common issue with the free (=populated) machines for this challenge, my shell always died within seconds to minutes.
Totally stuck. I have a shell, and have an idea of how I can get user, but dont know how. Can anyone point me in the right direction? Feel free to PM.
did someone broke this machine?
My initial shell and pivot to user was working superb yesterday and today half of the day, but now suddenly when i was pivoting (exactly same way as before) - i still end up in initial webshell⌠Did a reset of machine and now i cannot access neither 10.10.10.146:80 neither any of the p****.ph* neither u****.ph*
it just says: FORBIDDEN in any of the pages⌠and on the main page (http://10.10.10.146:80/) it says:
Forbidden
You donât have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
wtf is going on ?
edit: machine is pinging normally
edit2: ok it seems to works fine now⌠weird stuff
Type your comment> @r0mka said:
did someone broke this machine?
My initial shell and pivot to user was working superb yesterday and today half of the day, but now suddenly when i was pivoting (exactly same way as before) - i still end up in initial webshell⌠Did a reset of machine and now i cannot access neither 10.10.10.146:80 neither any of the p****.ph* neither u****.ph*
it just says: FORBIDDEN in any of the pages⌠and on the main page (http://10.10.10.146:80/) it says:Forbidden
You donât have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
wtf is going on ?
edit: machine is pinging normally
It definitely gets reset often, which is frustrating to say the least.
Rooted this one. I have learned some nice stuff and to read code carefully
PM asking for help are welcome.
Rooted
[root@networked ~]#
Well I can say this one was interesting. Learned new tricks and also how to read carefully and understand what is said. Nice machine, I enjoyed it, and the difficulty is right too. Thanks @guly for this machine!
Tips:
USER:
enumerate and then initialize in a very cool way (read code and think what can possibly be done) and then do more careful reading. Understanding a bit of language helps to understand how it works.
ROOT:
I was overthinking waaay too much and got stuck in a rabbit hole which only returned my current shell⌠Do not overthink. enumerate and then read read and try.
if you can code then it will be easy to understand syntax if not then there are online pages which will help you to put stuff in correct way.
PM for hints when needed
Why do I always struggle with the seemingly easy stuff.
4 hours in and not even a shell. sigh
This is pathetic.
Whatâs up with some of the poor reviews on this? It was really straightforward and simple â I actually really liked it a lot. Thank you for the box, @guly.
HintsâŚ
User:
Enumerate the web service. Check out different web directories to get back what you need. Whatâs already listed here in the forum should be enough.
Root:
Standard linux enumeration scripts should reveal it immediately. Take advantage by using some random words/strings to "test"and youâll get where you need to be in no time.
anyone had a session through jenkins? came up and lost it before i had a chance to dig deeper. im a total newb and sorry if iâve broken any rules.
ROOTED:
i even did not believe that iâve got root shell what the hack !!
Hints
User: focus on php functions
Root: a very basic enumeration
PM me for hints