Rooted, but I think I don’t fully understand why particular input worked in root part (certain sign in passed variable/command and its usage in **c* command in ***n***a**.*h script). I would be grateful if somebody could DM me with short explanation, just to exchange experience and gain some knowledge.
Try to enumerate files and directories on the server. Maybe you find a file or a directory that stands out, that you think should not be there, then take a look at that and ponder what you can actually do.
Remember: These boxes are made to be hacked. What you find is usually a very good hint at what you can use.
Ok. I still try to upload stuff on the place for uploading stuff. After a bit of googling i got that i need to change some stuff in b*** S***. The problem is that it is still not working. Can someone give me a hand? All PMs are welcome.
if you can understand what the article is about you should understand what you need to do for user
Thanks for posting this it was really helpful. I read it on an earlier comment and it was the first useful hint I got from this thread and helped me get user.
Rooted!?
This was a challenging but also fun box for a noob like myself, definitely learned a whole lot. Getting user was a serious struggle, but root wasn’t so bad.
Shout out to @ShayNay for all the help!
Feel free to PM if you need any assistance with the box.
Rooted! My first box. Was rather fun! Really enjoyed it. To get the initial shell: Trick the server to think something is something else. User: Find interesting file, see what it does. Timing is crucial. Exploit it! Root: Basic enumeration. You can also google it.
if u are n00b like me its going to be pain in ■■■■… but trust me this box is easy and it give some cool knowledge , took me 3 days for user and 10 minutes for root.{my safemade first blood record} …thanks to all guys for their nudges
Looking for a small hint, working on root. Found the script, I understand most of what its doing but unsure how to leverage this into something useful for myself
i have uploaded my shell using double extension, but can’t get the session. the up***** dir shows “.” (dot). i tried calling the file name through u******/file_name but got 404…