Craft

@sazouki said:
■■■■ i got ssh key from that use repo and it ask for passphrase when im trying to login ?

Same here. "Invalid format for [s**] key " a nudge would be helpful. Figure I’m close to user.

Ok, I got user now. I now understand why the errors…needed to look closely at the key I had.

Then I’m guessing I will focus on v**** to get root although I have no experience with d*****.

Yep. root.txt. Had to reset the box though before the final command worked to get me in.

Can someone please PM me about getting user. Cant understand how correctly interact with JSON and where to look to drop a shell…

Can someone PM me for a hint?

I am currently in Jail, found creds for DB and don’t know where to use it (they are not usable in G***). I changed the SQL statement in the file I found. to enumerate databases and tables, but no success so far.

Rooted.
Initial was tricky, but after that getting user.txt and root.txt took me about 30 minutes - probably because I spent way to much time reading all source code.
PM me for a hint.

PM for nuggets

@rholas i pm u

i get cred of user dinesh and i’m able to add brew to db
what’s next ?

any help for error at loading key invalid format ??

Rooted. Really enjoyable machine that had me stuck in a few places. PM me for nudges :slight_smile:

Type your comment> @voidhofer said:

I am stuck at the jail. Already got the credentials, all three of them, but I have no idea where to use them. Already tried SSH and looking through their gogs repos, but nothing worked. Can Someone please give me a hint?

I thought you were really in the can cuz your avatar almost looks lke a mugshot :wink:

Can anyone plz tell me why i cant seem to access the api or gog pages? They are returning as Server not found… Ive edit my /etc/host/ file to reflect both name resolves but still nada, im at a bit of a loss. Can anyone help me on this?

Can anyone plz tell me why i cant seem to access the api or gog pages? They are returning as Server not found… Ive edit my /etc/host/ file to reflect both name resolves but still nada, im at a bit of a loss. Can anyone help me on this?

I had to restart my browser after adding updating my hosts file.

Type your comment> @toroflux said:

Can anyone plz tell me why i cant seem to access the api or gog pages? They are returning as Server not found… Ive edit my /etc/host/ file to reflect both name resolves but still nada, im at a bit of a loss. Can anyone help me on this?

I had to restart my browser after adding updating my hosts file.

thanks chief didnt even think to do that, thanks for the reminder :slight_smile:

Finally rooted!

This has been my favorite box so far. Love the Silicon Valley theme.

Pretty much all the hints have been given. This box is really about enumeration more than anything else and has a very logical progression. Everything you need is on Gogs. Follow the breadcrumbs, RTFM, and you should have root in no time.

This is not a hard box per se, just a lot of information and clues to gather- you just need to read EVERYTHING carefully.

Spoiler Removed

Ok. I am going crazy here and might be missing something obvious.

I am running a** on b****** and see the c****-d* target. I originally thought I should tunnel from b****** to m****, but I don’t think that port is exposed.

So I managed to run S** via f**** sh***. I need a nudge now that I’m using p***** to look at m****

I guess my one question is. Should I have setup a tunnel through b****** or is that not necessary?

edit: nevermind. As soon as I posted this I found some extra credential. Rubber ducky method I guess :slight_smile:

I found d****h user and I’m able to log in to brew. I can add the auth token header to POST data to brew db but I have no clue what to do next, how to generate RCE.

@halisha said:
I found d****h user and I’m able to log in to brew. I can add the auth token header to POST data to brew db but I have no clue what to do next, how to generate RCE.

Make sure you look through EVERYTHING. No fancy shell script required, just eyeballs.

You can get to it from the very first page you visit.

is the https laggy by default or something wrong with the box? it doesnt even load

Type your comment> @Salts said:

@halisha said:
I found d****h user and I’m able to log in to brew. I can add the auth token header to POST data to brew db but I have no clue what to do next, how to generate RCE.

Make sure you look through EVERYTHING. No fancy shell script required, just eyeballs.

You can get to it from the very first page you visit.

Thanks. I have escalated, I’m stuck at sending payload, managed to get ping but no way to get shell.

Can someone pm me and give me some guidance on getting shell? I tried a lot of stuff and I kinda understood how it works and what I should done but Im stuck due to linux knowledge.