ForwardSlash

I am able to read files using p************.p** but cannot find anything useful since I am doing it blindly and cannot find the location of the b****p directory. Any nudge would be appreciated

@Brogramm3r said:

I am able to read files using p************.p** but cannot find anything useful since I am doing it blindly and cannot find the location of the b****p directory. Any nudge would be appreciated

Have a think about where these files would be stored in a normal Linux filesystem then with a bit of trial and error you will get the folder name.

Start by working out which folder contains files to which the Linux system writes data during the course of its operation.

Then it normally has a folder which serves as a home for things posted on port 80.

Am I supposed to notice anything after redirection to f***********.***? Page seems to be dead even after a reset… Any hint?

@Profhacker said:

Am I supposed to notice anything after redirection to f***********.***? Page seems to be dead even after a reset… Any hint?

I am not sure what you are asking about here, so I am going to hazard a guess that the hosts folder needs to be updated.

So after some headaches, I have to say the box is straightforward and I would rather rate it medium.

For initial touch,…as many already wrote…enumerate, find the obvious and abuse it
from shell to user…well yea…timing is everything ;D

from user to root…well that’s a bit tricky and was for me the complicated part…you just have to break it…it helped me to add some prints and play around with the file.
the last step was pretty easy and quick as it’s kind of obvious (basic enumeration)

And please use the last command you can run as sudo or at least reset the box :slight_smile:

@TazWake said:

@Profhacker said:

Am I supposed to notice anything after redirection to f***********.***? Page seems to be dead even after a reset… Any hint?

I am not sure what you are asking about here, so I am going to hazard a guess that the hosts folder needs to be updated.

Thanks!! I was being stupid! I did not have to change that file up until now…probably this is required to proceed with the box!

@Brogramm3r said:

I am able to read files using p************.p** but cannot find anything useful since I am doing it blindly and cannot find the location of the b****p directory. Any nudge would be appreciated

I’m at a very similar stage. I can read files and some limited source files, just not sure where to go from here. Have some info about db but not sure how or where to use it.

Any hints anyone ?

@wantsnewsocks said:

@Brogramm3r said:

I am able to read files using p************.p** but cannot find anything useful since I am doing it blindly and cannot find the location of the b****p directory. Any nudge would be appreciated

I’m at a very similar stage. I can read files and some limited source files, just not sure where to go from here. Have some info about db but not sure how or where to use it.

Any hints anyone ?

Same as last time ForwardSlash - #166 by TazWake - Machines - Hack The Box :: Forums

Nice box, but it’s not hard, maybe medium

Am I wasting my time trying to abuse this broken f** login in i***x.**p?

@Brogramm3r said:

Am I wasting my time trying to abuse this broken f** login in i***x.**p?

It depends. If I’ve read it correctly, you are looking at the file which gives you what you need to get access.

Some skids change the password of c*** plzzzzz stop that sh********

need a push since my “permission is denied; not that way ;)”
no idea on how to go over it

@Nt3c said:

need a push since my “permission is denied; not that way ;)”
no idea on how to go over it

With PHP, you can apply a filter which lets you bypass this.

@TazWake said:

@Nt3c said:

need a push since my “permission is denied; not that way ;)”
no idea on how to go over it

With PHP, you can apply a filter which lets you bypass this.

got it :wink:

Thanks @TazWake and @cY83rR0H1t

Can anyone provide me with a nudge. I can read files, but I haven’t found a way to execute code yet. DM please!

Update: Thanks @cY83rR0H1t for pointing out the not so obvious place to look for code in progress/development!

Just rooted !
What a great box ! Thanks @cyberafro for your help.

any nudge plz about the c****o ? I’m stuck :frowning:

@Drxxx said:

any nudge plz about the c****o ? I’m stuck :frowning:

If you mean the python file, you can add code which brute forces it.

@TazWake said:

@Drxxx said:

any nudge plz about the c****o ? I’m stuck :frowning:

If you mean the python file, you can add code which brute forces it.

Yes, I did that with rockyou list but failed all pass as keys