Finally got root! 90% of the work on this box for me was getting the initial shell, I did learn a lot to get it to work though so its all good. Went straight from initial shell to root, which was very easy.
Some tips:
- Once you’ve found some webpages, try a few different METHODS to get them to tell you something
- Once you have found somewhere to login, an exploit (with some modification) might help you find the credentials
- Regarding getting the exploit to work, I found it helpful to make the script print out its responses, that way you can tell when the exploit has failed, it wont tell you otherwise.
- Also regarding the exploit, using the UI helped me find out what what characters I couldn’t use, it returns 403.
- There is also a way to see the output of your commands, see the third point above.
Hopefully these tips can help, and are not too revealing. PM me if you need any help.