Book

Boy this machine is stupidly slow! o.0

Is this an unusually hard box, or are the usual first blooders away on a holiday retreat? I’d like to think of @sampriti or @snowscan parasailing at an exotic destination, drinking tropical cocktails with fancy umbrellas in them.

I couldn’t see anything obvious yet, but the PDFs and JPGs are the only thing I noticed, unless they are a rabbit hole.

It has to be something related to f upload and f****k.php…

Found an admin page, can’t do ■■■■ with it lol

I’m planning to start this tomorrow, but the fact that there are no bloods worries me :smiley:

I think I found something that might be vulnerable but I’m still working on exploiting it; surprised there’s no bloods taken yet?

Just followed another rabbit hole, just to find out the vuln is long closed. :neutral:

Have there ever been boxes where XSS was the foothold? I was able to get an XSS trigger to send me a cookie, but it seems the admin user doesn’t interact with the feedback so I can’t get their cookie…

Still no first blood. Has anybody managed to get a foothold yet?

@Thane121 said:

Have there ever been boxes where XSS was the foothold? I was able to get an XSS trigger to send me a cookie, but it seems the admin user doesn’t interact with the feedback so I can’t get their cookie…

This is a really good question. No box with XSS to my knowledge.

@init5 said:

Found an admin page, can’t do ■■■■ with it lol

You can try to BF it :slight_smile:

There was one, actually.

@Thane121 said:

Have there ever been boxes where XSS was the foothold? I was able to get an XSS trigger to send me a cookie, but it seems the admin user doesn’t interact with the feedback so I can’t get their cookie…

Yes, there has. One of them is still active.

@bertalting said:
@init5 said:

Found an admin page, can’t do ■■■■ with it lol

You can try to BF it :slight_smile:

Normally I would, but @MrR3boot said there is no need to; I am taking his word for granted for now ?

@Endoisshy said:

@Thane121 said:

Have there ever been boxes where XSS was the foothold? I was able to get an XSS trigger to send me a cookie, but it seems the admin user doesn’t interact with the feedback so I can’t get their cookie…

Yes, there has. One of them is still active.

Good to know, thanks.

Anyone think that the /d*.php and the /down****.php could be related or could that be a rabbit hole?

@durante said:

Anyone think that the /d*.php and the /down****.php could be related or could that be a rabbit hole?

That’s what I’ve been working at, but so far nothing :confused:

@ShadowSuave said:

@durante said:

Anyone think that the /d*.php and the /down****.php could be related or could that be a rabbit hole?

That’s what I’ve been working at, but so far nothing :confused:

I’m trying some common directory traversal payloads but haven’t managed to find anything so far.

Someone got the user after 3 hrs :wink: