Quick

Does the initial foothold relate to ssl cert of portal… or it is a ■■■■ rabbit hole?

Well ■■■■…rooted, i need a lot of help at the end…still not sure if i confused myself or what… i will go through it one more time. hit me up i will be glad to help. if i miss you i am sorry. lots of pms coming in.

@MrR3boot i think i lost a piece of me on that one haha

Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i’m kinda stuck refreshing F5 …

Type your comment> @Selcius said:

Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i’m kinda stuck refreshing F5 …

Same here !

i have had odd issues but not that one, i was getting socket error but it was self induced

@EvilT0r13 and @Selcius …i think its due to multiple people on the box at the same time

Type your comment> @Selcius said:

Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i’m kinda stuck refreshing F5 …
Just have to keep refreshing, or use burpsuite’s repeat…

Could somoene sanity check me? I’m on the portal, working on getting a foothold. I’ve made an exploit and can ping myself from the box, but having trouble doing more. I can elaborate on what I’ve tried in PM if anyone’s got a minute.

Type your comment> @EvilT0r13 said:

Type your comment> @Selcius said:

Does anyone get this error while accessing the p*******.q****.h** portal : Error retrieving URL, it works only when it wants i’m kinda stuck refreshing F5 …

Same here !

same here!

Finally got user. It was pretty hard for me. Need some rest xd

Finally got root , really interesting box foothold and privesc were the best part !

pm me for help

Rooted ! Enjoyed the box ! The only issue was the refresh battle in the end. Thanks to @stoneric for the nudge. Kudos to the creator @MrR3boot

Type your comment> @EvilT0r13 said:

Rooted ! Enjoyed the box ! The only issue was the refresh battle in the end. Thanks to @stoneric for the nudge. Kudos to the creator @MrR3boot

if by refresh battle, you mean by lastest site, then using ssh tunnels helped for me

so. tbh.
this was the best and cleanest box yet, c/o @MrR3boot
which is great because sometimes they are a bit fantastical. which is also great but in a completely different way.

this is also a reasonably helpful box for AWAE/OSWE prep, due to certain sections.
so big-BIG thanks to the creator for multiple reasons.

we appreciate you dude, despite the fact that we hate you often.

Can anyone double-check me on something? I have access to the UI with creds found earlier, have a type of callback working and am really close to getting the next level foothold - just stuck on the possible syntax or something really small I’m missing. Thanks.

All i can do with this box is now move on.
Helpless and i have nothing left to try…
This box may be the best …but its super frustrating for me .

ok, I think i have an issue with my VM. I’m stuck at the foothold, I found out the P process and manage to get curl to fetch it ( was a nightmare to update and compile properly), anyway, this is the only way I get a reading of p*.q***.***b Am i supposed to be able to get there with our favourite orange k9 ? because the dark shiny metal cannot be installed on linux. am I doing something wrong ? or is this how it’s supposed to be done?

Any hints on privesc from user2?

NVM: rooted. Thanks @applepyguy

Type your comment> @offsecin said:

All i can do with this box is now move on.
Helpless and i have nothing left to try…
This box may be the best …but its super frustrating for me .

Did you spot the technologies that are being used for initial foothold and initial user access? Got past the first one, still fighting with the second to get initial user.

Type your comment> @guanicoe said:

ok, I think i have an issue with my VM. I’m stuck at the foothold, I found out the P process and manage to get curl to fetch it ( was a nightmare to update and compile properly), anyway, this is the only way I get a reading of p*.q***.***b Am i supposed to be able to get there with our favourite orange k9 ? because the dark shiny metal cannot be installed on linux. am I doing something wrong ? or is this how it’s supposed to be done?

I wasn’t able to just had to use curl. Which is enough to get the required information