Networked

Totally stuck. I have a shell, and have an idea of how I can get user, but dont know how. Can anyone point me in the right direction? Feel free to PM.

did someone broke this machine?
My initial shell and pivot to user was working superb yesterday and today half of the day, but now suddenly when i was pivoting (exactly same way as before) - i still end up in initial webshell… Did a reset of machine and now i cannot access neither 10.10.10.146:80 neither any of the p****.ph* neither u****.ph*
it just says: FORBIDDEN in any of the pages… and on the main page (http://10.10.10.146:80/) it says:

Forbidden

You don’t have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

wtf is going on ?

edit: machine is pinging normally

edit2: ok it seems to works fine now… weird stuff

Type your comment> @r0mka said:

did someone broke this machine?
My initial shell and pivot to user was working superb yesterday and today half of the day, but now suddenly when i was pivoting (exactly same way as before) - i still end up in initial webshell… Did a reset of machine and now i cannot access neither 10.10.10.146:80 neither any of the p****.ph* neither u****.ph*
it just says: FORBIDDEN in any of the pages… and on the main page (http://10.10.10.146:80/) it says:

Forbidden

You don’t have permission to access / on this server.

Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.

wtf is going on ?

edit: machine is pinging normally

It definitely gets reset often, which is frustrating to say the least.

Rooted this one. I have learned some nice stuff and to read code carefully :slight_smile:
PM asking for help are welcome.

Rooted

[root@networked ~]#

Well I can say this one was interesting. Learned new tricks and also how to read carefully and understand what is said. Nice machine, I enjoyed it, and the difficulty is right too. Thanks @guly for this machine!

Tips:

USER:

enumerate and then initialize in a very cool way (read code and think what can possibly be done) and then do more careful reading. Understanding a bit of language helps to understand how it works.

ROOT:

I was overthinking waaay too much and got stuck in a rabbit hole which only returned my current shell… Do not overthink. enumerate and then read read and try.
if you can code then it will be easy to understand syntax if not then there are online pages which will help you to put stuff in correct way.

PM for hints when needed

Why do I always struggle with the seemingly easy stuff.
4 hours in and not even a shell. sigh

This is pathetic.

What’s up with some of the poor reviews on this? It was really straightforward and simple – I actually really liked it a lot. Thank you for the box, @guly.

Hints…

User:

Enumerate the web service. Check out different web directories to get back what you need. What’s already listed here in the forum should be enough.

Root:

Standard linux enumeration scripts should reveal it immediately. Take advantage by using some random words/strings to "test"and you’ll get where you need to be in no time.

anyone had a session through jenkins? came up and lost it before i had a chance to dig deeper. im a total newb and sorry if i’ve broken any rules.

ROOTED:
i even did not believe that i’ve got root shell what the hack !!

Hints
User: focus on php functions
Root: a very basic enumeration

PM me for hints

really straightforward machine once you turn your brain off.

got user thanks to some help from a few people, root was fairly easy.

I think I know what I need to do to get initial access, but it doesn’t seem to be working. Can someone DM me for a nudge?

Type your comment> @x41 said:

Why do I always struggle with the seemingly easy stuff.
4 hours in and not even a shell. sigh

This is pathetic.

You are not the only one. I don’t know why people say that it’s easy or straightforward but having never done or heard about this before it certainly wasn’t for me. I was able to get a shell after a lot of headache so feel free to pm me if you need a nudge in the right direction

Rooted. Funny one.

Got root, but conflicted about the command used. I can’t really find any decent info about this particular use of the command in question. Appreciate any links to my PM. Enjoyed the box!

Thanks @guly for a beautiful and simple machine
Your Unattended was an incredibly cool machine, this CTF is more easy, but also very interesting

Need a nudge for the user. I do have a shell up but I need priv esc. Please help! Thanks!

Awesome box!

[root@networked ~]# id
uid=0(root) gid=0(root) groups=0(root)

Finally! Rooted. Learned some stuff. Thanks @guly for the box. DM if you need a any nudge…

Struggling with root, found the file but unable to do anything with it. Can anyone PM me please?

Edit: rooted, me been stupid. PM if you need help