did someone broke this machine?
My initial shell and pivot to user was working superb yesterday and today half of the day, but now suddenly when i was pivoting (exactly same way as before) - i still end up in initial webshell… Did a reset of machine and now i cannot access neither 10.10.10.146:80 neither any of the p****.ph* neither u****.ph*
it just says: FORBIDDEN in any of the pages… and on the main page (http://10.10.10.146:80/) it says:
Forbidden
You don’t have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
did someone broke this machine?
My initial shell and pivot to user was working superb yesterday and today half of the day, but now suddenly when i was pivoting (exactly same way as before) - i still end up in initial webshell… Did a reset of machine and now i cannot access neither 10.10.10.146:80 neither any of the p****.ph* neither u****.ph*
it just says: FORBIDDEN in any of the pages… and on the main page (http://10.10.10.146:80/) it says:
Forbidden
You don’t have permission to access / on this server.
Additionally, a 403 Forbidden error was encountered while trying to use an ErrorDocument to handle the request.
wtf is going on ?
edit: machine is pinging normally
It definitely gets reset often, which is frustrating to say the least.
Well I can say this one was interesting. Learned new tricks and also how to read carefully and understand what is said. Nice machine, I enjoyed it, and the difficulty is right too. Thanks @guly for this machine!
Tips:
USER:
enumerate and then initialize in a very cool way (read code and think what can possibly be done) and then do more careful reading. Understanding a bit of language helps to understand how it works.
ROOT:
I was overthinking waaay too much and got stuck in a rabbit hole which only returned my current shell… Do not overthink. enumerate and then read read and try.
if you can code then it will be easy to understand syntax if not then there are online pages which will help you to put stuff in correct way.
What’s up with some of the poor reviews on this? It was really straightforward and simple – I actually really liked it a lot. Thank you for the box, @guly.
Hints…
User:
Enumerate the web service. Check out different web directories to get back what you need. What’s already listed here in the forum should be enough.
Root:
Standard linux enumeration scripts should reveal it immediately. Take advantage by using some random words/strings to "test"and you’ll get where you need to be in no time.
Why do I always struggle with the seemingly easy stuff.
4 hours in and not even a shell. sigh
This is pathetic.
You are not the only one. I don’t know why people say that it’s easy or straightforward but having never done or heard about this before it certainly wasn’t for me. I was able to get a shell after a lot of headache so feel free to pm me if you need a nudge in the right direction
Got root, but conflicted about the command used. I can’t really find any decent info about this particular use of the command in question. Appreciate any links to my PM. Enjoyed the box!
Why do I always struggle with the seemingly easy stuff.
4 hours in and not even a shell. sigh
This is pathetic.
You are not the only one. I don’t know why people say that it’s easy or straightforward but having never done or heard about this before it certainly wasn’t for me. I was able to get a shell after a lot of headache so feel free to pm me if you need a nudge in the right direction
I’ll ask you if I can’t get it after the next 4 hours.
I haven’t exhausted my possibilities. So I’ll try harder.