Traceback

Guys the sl.php doesnot give me the P***y shell while accessing via POST method, Can someone point me to right direction

Rooted!

Big shoutout to @HomeSen for giving me that little nudge I needed!

Try to abuse other functions to give you a more stable shell :wink:

Now I know why not to try out new machines as a beginner. Time outs had me thinking i was on the wrong track.

as promised… here’s my writeup for traceback!

STOP RESETING THE BOX!

Please stop deleting machine files…!!!

just rooted the box.
PM me if for nudges.

Type your comment> @bekho said:

just rooted the box.
PM me if for nudges.

I hope to God you weren’t the one to delete my files right before i got root!

Chaps, I know I’m at the right point for user with the right file and also know I have to sudo but no such luck here, a gentle kick in the right direction would be nice! And thank you!

I stuck at root. I listed the processes running on the system, but now i dont know how to proceed. I tried smth but didnt work.

Any PM hints are welcome :slight_smile:

YO Finally ROOTED,

It was an easy box just need some basic linux knowledge for privesc and some enumeration specially the process for root.

@GoldsteinNZ said:

Got root finally. I was on the right path 2 hours ago but got side tracked after looking at the wrong permissions. Make sure you check the permissions on the back ups AND the real files.

Same for me.
User was easy

Hack The Box

@th3jiv3r said:

as promised… here’s my writeup for traceback!

Awesome write up. There is one step you managed which I really couldn’t do and had to solve in a much more annoying fashion.

If you get some spare time (tomorrow maybe, as I am about to sign off for the night), it would be ace to talk about this.

Looked for OSiNT but got nothing…plzz help

@TazWake feel free to drop me a DM!

Type your comment> @thescriptkiddy said:

Looked for OSiNT but got nothing…plzz help

read the home page source code and use google and try what ever you found there

Type your comment> @GoldDomar said:

Type your comment> @thescriptkiddy said:

Looked for OSiNT but got nothing…plzz help

read the home page source code and use google and try what ever you found there

this might be dumb but i didnt got anything…

@thescriptkiddy said:

this might be dumb but i didnt got anything…

Try a combination of the name and the exact sting.

@sparkla yes root flag will unzip the write-ups