Mango

@oneoftheevil said:

I am stuck at the login page. Can someone give me a hint via DM?

same here

am i supposed to be able to run a -l command once i have user? because i can't and i don't see anything interesting anywhere.

finally was able to get both flags :-0
nice box! very educational!

if someone knows of a way of rooting the box (not just getting the flag), would you please DM me?

@galimba said:

if someone knows of a way of rooting the box (not just getting the flag), would you please DM me?

Write instead read.

Just finished! A lot of people say they don’t like the initial foothold, but I enjoyed it.
Pm for hints.

Spoiler Removed

looks like i am missing exactly one special char in the enumeration. i know the length of the password and i have all length - 1 positions. but i am not able to find the last char of m**** password.

edit: wow, my bad. messed up the regex… in this case, another fruit helped me to solve it. i just went away to get an apple and bam, then i found my mistake.

Rooted. This was my first medium-ish box and I learned more from this than any box I’ve done yet. Got stuck in a bunch of places, but patience and taking much-needed breaks after smashing my head against the wall helped. I had used the underlying mango technology before, but learning how to “extract” the “juice” from it was so educational and cool.

Got a little stuck on root. Enum and once you notice what is sticking out, you’re probably on the right trick. Just be persistent. It might be a tricky little ■■■■■■ to GTFO it to do what you want.

Thanks @MrR3boot

Stuck on the login page, don't know what to do next. A little help please, everyone. :frowning:

Think of what we do on a login page (just combine that thought with box name). Good Luck

Aaaaand done. Thx to @MrR3boot for this great machine and to @H4ck3d5p4c3 for helping me

Rooted. Feel free to PM me if you need a nudge :slight_smile:

Rooted, ty @H4ck3d5p4c3, if someone needs help feel free to pm me
Nc box @MrR3boot

User: python script made your work simple, Mango it’s not real Mango, change 1 word
Root: gtfobins

Please need bump for initial foothold / user. Found login page and tried MANY in******n techniques, but have gotten nowhere. Please help.

EDIT:
Just rooted, thank you so much to @4v3r4g3 for giving me the bump to get me to user.
I personally found user extremely difficult, but getting from user to root took about 30min.
However, I never spawned root shell - that proved hard.
Thanks for another great box @MrR3boot

rooted

Foothold is hard to figure out if you’re not dealing with backend tech much.
I mean all those comments about the relation to the site/fruit name weren’t much of a clue (well they were … after i found how to exploit).

The only reasonable hint was mentioning PayloadAll*
So i’ll repeat this as my hint once again:
don’t focus on the fruit/name clue - go to the methodology (mentioned above), and check how to enumerate in different technologies.

Good box, learnt some new things. User was pretty annoying because there are several rabbit holes. Once you’ve got the login page, focus on that exclusively, forget the other subdomains. It’s not mentioned in any of the solutions but it IS in fact possible to figure out the underlying tech using dir/file bruteforcing (if you hadn’t had any hints from the forums or box name). There is a certain file ins******.j*on that gives you the info. As for the script, don’t exclude special chars, just escape them.

Popping a root shell is simple. No need to mess around with ssh keys at all like a lot of ppl mention (in real life most boxes have root ssh disabled anyways so that’d be useless). bash -p is your friend.

New to this type of box. Anybody got any nudges on how to even get started? or where to even begin? Enumeration got me to login page and the a****s.php page but all this mango talk has me confused.

Hello,
I need help. I extracted the password from my python script. Impossible for me to use it with SSH.
Maybe a special char is missing in my password …
Please PM for more explanations.
Thanks !

Thx @mRr3b00t for these lessons.
Rooted. Root is easier than user.
Python is your best friend. Be careful with your alphabet.
As usual, PM for nuggets.