Size doesn’t matter. At least that’s what I keep telling my … not important now.
You have the code that does the checking (you do, don’t you? If not, enumerate and maybe you find something). What does the code check for? How can you fool it into letting your “image” pass the upload filter?
Rooted !
I enjoyed this box, easy but at the end you learn some stuff, it was interesting, i apreciated.
If someone want some nudge , feel free to write me
So i’m pretty sure i’m on the right track, but I can’t see anything but a " . " in the u… folder. Yesterday I could see other peoples files there, but now nothing. Anyone has any idea as to why?
So i’m pretty sure i’m on the right track, but I can’t see anything but a " . " in the u… folder. Yesterday I could see other peoples files there, but now nothing. Anyone has any idea as to why?
Check some files and see what happens when you upload something and where does it go. If it says that the upload is successful than the file is uploaded. Check which pages you can open. From there on I am stuck as well.
This was a super fun box. Privesc is usually super hard for me, even tho it took me forever to figure out how to get user and root shells, it was at least nice to know I was looking at the right things, I just had to figure out what was being done so that I could make it do what I wanted, so I was forced to learn some things I didn’t know, which was nice. (How do PHP devs not kill themselves? God that is ugly code)
Got user and got root!!!
As a complete noob into this.
Footstep: I found the pages fast, and had an idea what to do with it. Didn’t know how to do it. Google is your friend. Had to try like 5 different methods before I found the one that work.
User: Once the footstep was in, other user actions on the shared box pointed me in the right direction. Googled for certain commands that I saw being used. Learned some new things, and after several attempts I was able to get user.
Root: Was actually the easiest part. Found the interesting file already duing the user hunt.
You just need some basic linux networking info, to know what certain key scripts do
Finally got root. Tip for root if you’ve tried fuzzing for hours: Sometimes what you tell someone the first time might not matter, perhaps the second time around they will listen to your orders.
I’ve gotten to ‘the page’ and I have a script made, baked well and smelling tasty. The machine won’t bite and I’m wondering which piece of crust is giving me the problem. I can’t find anything worth changing in the headers (the ones I’ve tried changing don’t work out for me). Any help would be appreciated.
Yesterday I got into user privl by touch and funky name but today when I’m trying same method it isn’t working can someone explain me why?
//edit: My bad, everything works just fine.
I’ve gotten to ‘the page’ and I have a script made, baked well and smelling tasty. The machine won’t bite and I’m wondering which piece of crust is giving me the problem. I can’t find anything worth changing in the headers (the ones I’ve tried changing don’t work out for me). Any help would be appreciated.