Wall

Type your comment> @wohax0r said:

Hello, Can someone help me? I found the RCE for c********. but I was not able to exploit it. I tried a simple ping but no response from the machine. Please DM me to help.
I obtain in every case “you don’t have permission to access /c********/m***.. on this server.” any tip?

Same here. But %20 causes the denied.
Will look again tomorrow

Can someone send me a hint on finding the credentials? I am really confused.

Hey all,

I stumbled upon an executable called Wall and thought it might be related to the box, since they have the same name and its permissions seemed interesting. I spent up to 4 hours trying to exploit it :smiley: untill I took a look at my one PC and found the same binary with the same permissions.

I couldn’t find anybody in here speaking about this binary before so I was wondering if this is related to the box or not.

Hope this is not a spoiler of some sort

Spoiler Removed

Rooted.

Hi,
I would like to have help to perform the c****** exploit manually: in understood that I should create sper and configure the m*** bin before triggering it
I also understood why “Wall” …

Would someone help me to have foothold ?

Any hints on how to bypass the waf? pm please

Just completed.
Still do not know, what is the proper way to find the login page -:slight_smile: Really no clue -:slight_smile:
I found it following hints on this forum. Need probably wait for write-up to get known, how to do it properly.
After finding this page the rest is relatively easy. Some people mentioned WAF, but I did not notice. After getting shell directly to root.

hi, I need help… /c******* LP

hello, got access to c******n, tried different payloads, tried to bypass wall, but it is not working. Can someone DM me to give some hints on the payload?

Need help with bypassing the WAF… Tried almost all the payloads that I can find but always getting 403 when updating the payload. I would appreciate if some can DM me a hint for finding/creating the correct payload.
Thanks in advance!

Type your comment> @Luc1f3r1921 said:

Need help with bypassing the WAF… Tried almost all the payloads that I can find but always getting 403 when updating the payload. I would appreciate if some can DM me a hint for finding/creating the correct payload.
Thanks in advance!

There is a joke in which a man complains at the doctor: “When I touch my shoulder, it really hurts.When I touch my knee - OUCH! When I touch my forehead, it really, really hurts.” “I know what’s wrong with you. You’ve broken your finger!”

You should find the “finger” (maybe more fingers) which is part of all your payloads and substitute it.

ok rooted.

really nice box to learn to get foothold. Didn’t like the PrivEsc, mainly because I did the unintended way I guess. (I guess) Still, just the exploiting part was great.

Hints: Wait for the code to run. I spent 2 days thinking what I was doing wrong because it won’t run.
If you have troubles with the payload, remember IFStatments. (If it’s a spoiler, please remove)

Root and user were easy.

Thanks to @askar for the box and @Ma1ware and @bumika for the hints. They helped a lot.

Need help with bypassing the WAF… I would appreciate if some can DM me a hint
Thanks in advance!

I am a bit lost, i don’t know what i have to do with the javascript line to get the user pass, i’ve alredy decode the hex strings

stuck at initial shell stage , cve not working… getting 403 error :
can anyone pm me with some help ?

Took me ages, but learned some things and got it done. PM me if you need any help. Thanks @askar for the fun!

I am able to execute payload but not getting a shell back :\ , there’s no 403 error and the link is opening bt not getting shell back

I couldn’t get RCE to work. I found that i should escape some characters and did them. payload uploaded successfully but doesn’t seem to run. Help please…

https://zakcheb.github.io/jekyll/update/2019/12/07/Wall-Writeup.html
Here is my write-up.