Mango

Rooted!! I think Player is easier than that :stuck_out_tongue:

@v01t4ic said:

Thanks @MrR3boot for this interesting box!

Really liked user part though had to ask for nudges. Need to add colors to my exploit fork to make it look even better =)

Root is much simpler

Glad you enjoyed it :slight_smile:

@ngaswam said:
Rooted!! I think Player is easier than that :stuck_out_tongue:

Are you serious? For me Player is a nightmare lol :stuck_out_tongue:

This one took some time, in the end I loved it and learned a lot. Thank you!

Thanks @MrR3boot, learned a couple of things :slight_smile: The route to user was quite fun (and thankfully it was not as much trouble as Player).

I quickly found my way to the “under construction” page, but got stuck there for some time. For anyone else in a similar position, my hint is that the vulnerability used to get there is correct but it needs an uplift. Perhaps taking a look at PayloadsAllTheThings would help (if you got to the under construction page you will know where to look in the repo).

Hey guys! I am in need of help: search engine and a**t. found, but unable to find the login page. Can anyone give me a hint? :slight_smile:

I’m stuck in the privesc part… Any hint is welcome PM
Thanks!

Spoiler Removed

Thanks to @rholas and @joshibeast for opening my mind.

Rooted.
VERY enjoyable box. Thank you @MrR3boot

Hints:
User: This Mango is not really a mango… it’s something more “known” to us. :wink:
Root: Your usual enumeration should highlight your target.

Happy to help if anyone needs a hint.

@naveen1729 said:
@rholas said:

(Quote)
being too literal, consider a “fuzzy match”

Bro you're a genius!!!

Just now reading on how to approach the sweet fruit and your hint is spot on !

Hey everyone! I am having a hard time trying to move forward. I am stuck on the mango search engine and the a*****.**p. Some help please! I am new at this! Thanks.

It’s been 3 weeks since I got into this wonderful world of pentesting. I’ve done a few machines here but this has been one of the most enjoyable ones for me so far. So great job on this box @mrR3boot!

I really struggled with a python script, everything seemed perfectly fine, but I got a different answer than I expected every time. It helped to pass an extra argument to a method somewhere (silly me).

I didn’t get a root shell but was able to get the root flag anyway. I assume it’s through the same escalation method though.

Hints:
@olsv gave really good hints for the initial foothold.

root: it helps if you can code in a certain language

Hey, I’m also stuck at the mango search engine and a******.*** I could use a hint on finding the login everyone keeps mentioning.

Don’t be blind like me, and check carefully S**d

@ZeWanderer said:

Hey, I’m also stuck at the mango search engine and a******.*** I could use a hint on finding the login everyone keeps mentioning.

If search is not that helpful, there might be something else on that machine that is very similar to the search, but less restrictive.

@olsv said:

Finally rooted. That was a nice experience and definitely one more thing to take into account during enumeration. Thanks @mrR3boot

For those who are still struggling with the initial foothold:
User:

  1. Don’t even try to brute by dictionary. There is absolutely no chance to do that.
  2. Don’t trust your eyes - trust responses.
  3. Don’t forget that some special chars have even more special meaning.

Root:
For some reason didn’t manage to spawn local shell, but managed to spawn reverse. Once again don’t trust your eyes.

For those who still cannot get hints about fruit. Try to play with letters

I hope I don’t have to study a new query language…

Thanks to @MrR3boot for the box, I enjoy custom exploits a lot and this one was really fun.

(silly OT: how can you rate machines? Is there an upvote/downvote system? What’s the star rating in the machine page?)

@BadRain said:

I hope I don’t have to study a new query language…

Nope. You can do it even manually. Although you’ll quickly realize that script is the way to go

@gall0ws said:

Thanks to @MrR3boot for the box, I enjoy custom exploits a lot and this one was really fun.

(silly OT: how can you rate machines? Is there an upvote/downvote system? What’s the star rating in the machine page?)

Click the star in the machine list to give it a star rating.