I’ve done it!
Thanks @Marsh61 for tips
Finally rooted!
Thanks to @EvilT0r13 and @sh4d0wless…
Accurate hints are there by @somecanadian in page 9!
Great work MrR3boot…Looking forward to have similar boxes from you… Its true that difficult paths lead to beautiful destinations
Feel free to PM if need help
Well I finally rooted this box but wouldn’t have been able to do any of it without a lot of patience and nudges along the way from @TazWake and @wxadvisor .
uid=0(root) gid=0(root) groups=0(root)
python -c ‘import pty;pty.spawn(“/bin/bash”)’
root@book:~#
Each stage taught me techniques which I haven’t seen or used but will definitely not forget.
Rooted … If you need help ping me on discord !! icoNic#0097
Bypassing the guard on this one has got me stumped. I’ve tried URL, Unicode, octal, hex, string concat, mixed-case, inline comments. Can any nudge me towards the right one please?
Ignore this, it’s all unnecessary -_-
Hello,
could anyone give me a nudge about the X** thing? I read the noob article and I think I understood where to apply it but cannot get results Thanks…
@daemonzone said:
Hello,
could anyone give me a nudge about the X** thing? I read the noob article and I think I understood where to apply it but cannot get results Thanks…
The output is written to a file you need to download.
This box was a a beast.
Took a lot of researching and a lot of nudges but that’s some good knowledge to have.
Won’t forget it. Thanks for the box
finally got around to doing this box… i learned so many new things! already lots of hints so just pm if you need a nudge but tell me what you’ve already done and tried.
Learned really cool things by doing this box!
PM me if you need a hint.
if you need some help you can always msg one of the many nice guys/girls around,
of course the first thing they will ask you is to cat payload
which you should do,
And at that exact moment you will realize that your are a blind fool.
Many Thanks @TazWake
I found a special file. Whenever I try to login to the server using that file I get err msg “Connection closed by 10.10.10.176 on port x”. I dont know what to do with that. Any hints?
nevermind
Hello guys. I found the vulnerability in the admin panel and I exploit it, but when I use my payload nothing happen. I always be redirected to admin login page but It don’t raise the alert box with “Nope” as usual when you fall login. I don’t want to spoil this amazing box so if someone want to help me for understand better what I am doing wrongly please PM and I will explain more better what I did and what happened.
Spoiler Removed
finaly the box is very fun !! great job !
you need help for nudge mp me
Thank you to @Kevoenos for the link on the initial attack. It was what I was trying, but I was doing it in the wrong place, AND, if doing it at teh same time as other people this part is hard. IF a payload doesn’t work, wait a bit for a reset, and confirm someone else isn’t mucking up the attack. Try not to use a common file of interest to confirm access, use some other file in a directory that will always be there so that you know it was you, and not someone else
rooted !! welcome pm for help
I rooted today but my brainfucked.
I will not say I loved it, because I hit some rabbit holes. The last part was annoying with a capital A but it worked I gave the builder my respect. Keep it up!