Magic

Can’t access the file after uploading under i*****/u****** section, can anybody PM me the nudge??

Any hints for root?

To whomever uploaded that burp request to docker.registry.htb, thx for the laughs :slight_smile:

@UrielY how did you upload the file? Everything I try results in “What are you doing there?”

Type your comment> @AidynSkullz said:

@UrielY how did you upload the file? Everything I try results in “What are you doing there?”

PM me

Spoiler Removed

how you bypass login

Just rooted the machine.
All in all an okay machine! :slight_smile:

Spoiler Removed

Just got root…
Thanks to @sh0wa for helping me out of my rabbit hole…

I made root harder that it had to be…

Pretty basic, but learned a trick I didn’t think worked at the end. Nice box.

Rooted thanks to a nudge, thanks @sh0wa !
Root was quite hard to spot. Requires some proper enum and knowledge of (basic) vulns! :slight_smile:

rooted and learned alot

any nudges on initial foothold. I think some nasty h***** are the way to bypass login, but nothing I tried works. Am I going down a rabbit hole?

have user looking for root, not finding much could use a nudge :slight_smile:

struggling to actually login on the page, any help would be appreciated :)))))

root was hard to spot, but easy to exploit :3
fun box

EDIT: i recommend using that one big expensive commercial tool instead of the cool open source one for root

Yea stuck after user. Ran lots of enum scripts. Found some interesting binary, not sure where to go

edit: got root.

Pretty cool box. Thanks @TRX for the learning experience. Also thanks to @0x41 and @skunk for the tips.

@sh0wa left a great hint for root.

Really enjoyed this, thanks @TRX