OpenAdmin

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

I had the same problem. Tried to figured out why. I dropped a shell through il , not through s. I was in as ja, got user flag, but s*** -* simple didn’t come back with anything useful for privesc like others were talking about, like Gb. Once I changed method and logged in with S* creds it worked and saw what others were talking about. After this, easily rooted
Thx beemo123 for previous help.

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

Type your comment> @Nebr0s said:

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

yeah i use curl+url+port with the creds but it seems not working

EDIT: im dumb, it works

Type your comment> @Meise said:

Type your comment> @Nebr0s said:

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

yeah i use curl+url+port with the creds but it seems not working

I curled as user1 locally on the target without creds, just curl url.

for god’s sake stop deleting the directory !!!

Spoiler Removed

can someone help me, I’m in the index.php folder, what should I do now?, someone could help me, I’m lost, I have ssh j … @ 10.10.10.171: $
can anybody help me ?

found priv*** k** in local system via curl but it is not working at all while parsing to ssh and john any nudge?

Just finished them machine. This was my first active machine. Put about 8 hours in total into the machine. Along the way I learned a lot and really enjoyed every step. PM me if you have any questions!

Spoiler Removed

since when is there a login form with the title Tutorialspoint?

got user.txt without having access to jo*a account :stuck_out_tongue: , but access is required to get root. Is the key that mn.php returns valid?

Type your comment> @kkaz said:

@neoconfig said:
can someone help me, I’m in the index.php folder, what should I do now?, someone could help me, I’m lost, I have ssh j … @ 10.10.10.171: $
can anybody help me ?

use curl on this with ji*** creds, run curl again but this time on m**n.php you will get the thing.
I am stuck after getting thing

I am at the same point. I have managed to use curl to obtain the interesting file however whenever I try to use this for user2 it doesn’t work. Not sure if I need something extra or an issue with the box, any advice or a nudge would be great.

Type your comment> @kkaz said:

got user.txt without having access to jo*a account :stuck_out_tongue: , but access is required to get root. Is the key that mn.php returns valid?

Ask John should be give you confirmation.

@kkaz said:

found priv*** k** in local system via curl but it is not working at all while parsing to ssh and john any nudge?

John has a helper app for this.

@JDR0x7CC said:

Type your comment> @kkaz said:

@neoconfig said:
can someone help me, I’m in the index.php folder, what should I do now?, someone could help me, I’m lost, I have ssh j … @ 10.10.10.171: $
can anybody help me ?

use curl on this with ji*** creds, run curl again but this time on m**n.php you will get the thing.
I am stuck after getting thing

I am at the same point. I have managed to use curl to obtain the interesting file however whenever I try to use this for user2 it doesn’t work. Not sure if I need something extra or an issue with the box, any advice or a nudge would be great.

The thing should work. You might need to do some other things to it to get the extra bit you need to make it work.

Finally got root. For me some parts of this box were more difficult than Bitlab. Thanks to @IAMTH3G33K17 @0xPloit I learned something new. And thanks to @gunroot I learned that I already had pass for user1 two days ago

Question. Are new, free, easy boxes always like that? Everything lagging, people bruteforcing ssh, broadcasting in the terminal?

@elearning said:

Question. Are new free easy boxes always like that? Everything lagging, people bruteforcing ssh, broadcasting in the terminal?

Pretty much. Any new box on free gets slaughtered when it starts out. People are running scripts they dont understand and resetting the box any time their mad approaches dont work. When you get into them people are changing files, deleting things etc meaning you never really know if your approach is working.

Easy boxes stay like this a LOT longer than the harder ones.

Hard boxes settle down after about 2 - 3 days when the lunatics give up. Easy boxes can last weeks while people run DOS exploits …

Open Admin forced me to go VIP this year.

Hi all, I’ve gotten user2 and am struggling on privesc to root. I keep being prompted for a password when trying to run a s*** command, am I trying something incorrectly?

If anyone could DM me a hint it would be greatly appreciated