Scavenger

wonderful box, thx @ompamo

Need a nudge for root. Thanks!

Rooted. What a ride. I really enjoyed this box. Did anyone manage to get a fully interactive TTY? If so, teach me! Mold me!

Finally … what a ride. Thanks @agr0

Need a nudge for root lads. DM me, TY!

Type your comment> @t3rm1nal said:

Need a nudge for root lads. DM me, TY!

@t3rm1nal said:
Need a nudge for root lads. DM me, TY!

if you find any help please do help me too …

Criminally underrated box IMO. Well done to the author.

Excellent challenge, certainly pushed the tools and methodology having so many paths to look at. Hat tip to @vGsec for the nudge and helping me keep consistent. Nice box all around @mpamo.

Nvm: got it :slight_smile:

Simply, awesome. What a ride. Thanks so much for this box @mpamo.

Could someone give me a nudge for user.
I’m attacking a specific service but I’m failing to create a valid payload.

R0oT3d!
One of the best boxes so far.
Thanks to the creator.

Stuck at getting something out of the above-mentioned “bug”.
Any nudge would be appreciated.
Enum is not going anywhere or I’m going it wrong.
Same thing is with the rce. :frowning:

I’m also stuck at m****s. I can log in and I also see a very suspicious file in the document root, but can’t find a parameter for it… any help? I tried bruteforcing the parameter, tried a few common ones, different http methods… what do I miss?

And I can’t find a way to read that file to see how it works, nor to upload a similar file of mine.

Great box. I about lost my sanity in a couple of places. Thanks for the whirlwind of an experience, @ompamo!

i sh***.php r-hole and if not do i have to guess the params?

Enumeration is very slow (20 reqs/s) with dirbuster

I need a small nudge for root…
so I have all the various files, got user.txt…
found some interesting things in the incident files.
Also found some articles talking about the compiled file…but struggling to connect the dots…

Update: so after some fighting finally manged to get this resolved :slight_smile: thanks to the ppl assisting :slight_smile:

Got root! message me for help

Hey all! For root part Should I brutforce the magic or just try other ways of execution?
Would highly appreciate a nudge here.

nvm, above is nonsense and i was dumb… rooted! thanks @ompamo, I’ve learned my lessons