Json

Almost there I think, but struggling with the final step with the vegetable. Anyone else get “Failed to start HTTP server” errors with this and have any pointers?
Believe I know the reason why (port is in use) but not how to get around it… PS version looks to have a workaround but can’t get the PS module to run… :frowning:

Edit: got there, overthinking it as ever

I don’t understand: I get in the website using the “maybetoomuchsimple” credentials… Is that a honeypot? Because those creds are apparently unuseful…

@BadRain said:

> I don’t understand: I get in the website using the “maybetoomuchsimple” credentials… Is that a honeypot? Because those creds are apparently unuseful…

In the right place, keep looking at the requests and responses as you browse the site… remember the name of the box also…

Ok, I give … I am able to log in and I know where I need to aim my attack, but I am not having much luck with the POC tool. One of the payloads keeps giving me an error, and I could really use some help getting it to run through cleanly and verifying where I am aiming, etc. If anyone can give me some guidance, I would really appreciate it. Please DM me and I can show what I have and what errors I am getting.

Edit: thought I had it, but I guess I don’t… any help would still be appreciated!

And that’s ok. It’d be nice to discover a way to exploit that information :stuck_out_tongue:

Edit: got user, going for root…

Cool little box, well done. Low-priv foothold taught me a fair bit, and found 3 different privesc vectors once I was in. 5 stars!

Got root, pretty nice box. Thanks @amra13579
I still don’t know what to do with F___Z___a, so if someone got root with that, please PM

Can I get a quick PM about initial foothold? Keep getting subsequent errors with POCs.

aehm… ys******l and the bunch of parameters… too many quotes for the upload of a payload (trying to get root). Any suggestions?

Fun ride after Forest, straightforward box, no Windows VM needed for ys******.
thx to @amra13579

@BadRain said:

> aehm… ys******l and the bunch of parameters… too many quotes for the upload of a payload (trying to get root). Any suggestions?

update:
payload uploaded… but can’t run it! :frowning:

Very good machine, and I usually hate Windows ones. I had fun with the user part.

So, whenever I log in, after 3 seconds, boom, they kick me out… Is there a block on signing in on their web? Help with it… it’s very frustrating

Finally rooted.

For those of you struggling to get a payload to execute, the Stormtrooper is your friend. That’s where I was stuck for a lonnngggg time. The rest of what you need is in this thread.

Got stuck for about 2 days on privesc chasing rabbit holes thanks to hashcat.

If anyone wants nudges, PM me :slight_smile:

Ok, got in as u******l… got a reverse shell… almost there…

Rooted

Quite interesting (and fast) machine.
Still don’t know why my payload didn’t work, but thanks to @nullorzero for helping in debugging something we both didn’t see

Rooted.

The most interesting thing is that I developed a Python exploitation script to automate the process for the initial shell.

Really enjoyed. Many thanks.

Got meterpreter working, but can’t find the right exploit