Mango

@n4v1n said:
Sorry, I’m a little late to the party, but honestly, I liked the Mango :slight_smile: @MrR3boot, thanks for the box bhai.

@NikolaITA said:
thanks @MrR3boot ! User was lovely and fun. Root pretty standard.

Glad you had fun :slight_smile:

@Salts Root before user ? impossible

@MrR3boot said:

@Salts Root before user ? impossible

No, misunderstanding. I mean to say that root was obvious before I figured out how to get into user, which is a first for me is all!

It was a cool box, I have very little experience working with uh… mangos that way. It was eye opening.

Hi. Got the login page. Made some magic and got the “under construction” page. No idea what I should do with this page. Can I have some help?

@p3tj3v said:

keep in mind that a website can have multiple faces… so based on the request the webserver serves different content… so hammering port 80 might not show anything to you… but a “different” port 80 does…

Honestly, I completely excluded that approach from the beginning, 'cause I thought it was pointless under this kind of network. Obviously I was wrong. Thank you :wink:

The way to get “juice” out from the mango is to “extract”.

Nice box! Tips for user:
-mAnGo iS a HiNt
-Don’t use bruteforce (it’s useless). Create a script.

Root:
-Standard enum

@limbernie said:
The way to get “juice” out from the mango is to “extract”.

You extracted the Theme of the box. Well done :slight_smile:

@H3L1OS said:

@c0d3rV1J0 said:

@librab103 said:

Hello all. I must be doing something wrong. Like most I found the Mango search page but not the login page or other pages. I checked the certificate and saw the one link but I get an error trying to connect to it. I tried to resolve the link by adding it to my localhost file with no use. I was going to try dirbuster but I see that is not the right direction. I am currently running nikto on both ports and so far nothing. A point in the right direction would be helpful.

Same here, I have the Mango search page but I can't seem to find any login page. I dirb'd all the wordlists I have.

You are not going to find the login page that way. Go back to the very first thing you did in your enum, go through it carefully and you will see it…

@p3tj3v said:
keep in mind that a website can have multiple faces… so based on the request the webserver serves different content… so hammering port 80 might not show anything to you… but a “different” port 80 does…

Very helpful and on point… really good tips in these posts… this is an awesome box… definitely lots of fun…

Think I have the correct directory for the login page due to some convenient python scripts on pastebin. However, the url does not work. Very confused… Tried both ports. s******-r.m.b/i**.*** right?

How did you guys go to the staging? I’m just in the live folder always.

Got the root flag without logging in as “root” :slight_smile:

Figured out how to get to the lgn page…
Now what? I’ve read that a script to enumerate the backend system is needed.
Where to start??

Day 2, still no shell…

Are there any write-ups you can point to that are like Mango that I can look at?

Staring at login page, think I get what the name is about, higher port isn’t open and tried legit logins and '- logins. Can anyone give me a nudge?

Well, I am officially insanely stuck. I found the login page but despite the clues about the box name I have no idea where to go from here. Would appreciate a DM nudge if anyone would be so kind.

I got “under construction”, any hints?

H******y could be the key to move on?

Spoiler Removed

Root:

  1. You don’t have to priv esc, use the available tools in the system with your current user account.
    Thanks to @rholas