Magic

Thanks guys, I just got it :smiley: I’ll still come PM for some more questions @human

Stuck @ www-data, can someone help me?

@madmob69 said:

Stuck @ www-data, can someone help me?

Enumeration. Find some creds. Think about what the file they are in is used for and find a way to dump the contents of that.

Got Root! thnx @TazWake for the nudge

Hello everyone,

Stuck at user, unable to figure out any useful service to use the found creds and proceed further.

Stuck on root. Any nudge? No bin sticks out.

Spoiler Removed

Rooted this box a week later after user flag
Thanks @shadyR for the hint
Nudge me if you need help for this box

Is this box always unstable? I can access the box for about a minute and then it kicks me off

@43y3s said:

Is this box always unstable? I can access the box for about a minute and then it kicks me off

I do not remember having any issues with the machine. If there is a problem I will sometimes try and switch regions (EU → US) and try a machine there. I will frequently try and switch regions to where it is very early morning as most people on here are probably not poking around early in the morning. Also some shells are much more stable than others so it depends on what you are getting kicked off of (nc vs meterpreter vs ssh).

I must be having some serious bad luck, I’ll keep trying this one tomorrow

@43y3s said:

I must be having some serious bad luck, I’ll keep trying this one tomorrow

If you message me what you are doing I can see if there is a way to help you out.

Done, sooo nice machine
Much thanks to @TRX
Linux staff is always c00L
PM if you have problems

The initial foothold is what everyone does, don’t make it complicated. Just do those tests when you see a form.

User:
Look at the pages’ source code. You will find something which you can use to go further and get the user.

Root:
The enumeration part is easy, but you may need a little nudge to get the root.
Other users already talked about the tools.

All in all, it is not a good idea to work on this box after Quick box :slight_smile: , you may think complex.
Let me know if you need any help.

Fun box, thanks to the creator.

Foothold: after you find the spot where you login, think very old school prevalent OWASP top 10.

User: I got stuck here thank you @TazWake for the nudge.

Root: Enumerate when you find your target, don’t overthink how to exploit it, try the classics first.

Is this box really unstable…or is that just me?

Rooted! Very nice box

Foothold: Should be able to login with no problem. After that, trick the verification to accept what you want. But wait, where does it go? Maybe go back home to check.

User: You will find some juicy info real quick. I found it and saw it, but how do I use it? Because we miss something, right? Try a way to access it another way! Yes, you are on the right path.

Root: Your favorite enumeration script will probably find it right away. Be attentive when reading the results. You can read it and (l)(s)trace it. Maybe we can confuse a part of what we found to execute what we want.

Finally rooted! However, I could only print the root flag and not spawn a full shell (I tried it, but they were all unresponsive)…out of curiosity, I’d love to hear how to get a root shell via the same s*****o file, so if anyone got it please DM me!!

So I acquired the m**** creds and I know I have to interact with it somehow. I have been throwing commands + q*****s in the URL to no avail, tried remoting in as well through terminal, still no luck. I’m pretty stuck as to how to interact with it at this point …could use a nudge …please PM

Ahhhh …ok thank you @TazWake for the nudge…to the next move…

Any advice on getting a shell? Got RCE but haven’t been able to establish a shell. Tried a PHP one-liner, python, /bin/sh etc. Listed the whole file system & saw an interesting .p**5 doc but it is empty when accessing via URL.