NIbbles

I am starting to loose the will to live with this one. I have the user.txt but not the root.txt. I am unable to re-create my shell. I get an errors regarding a cleanup of image.php - I also have to contend with the machine being reset every 20 minutes. Its doing my head in.

So has anyone else been able to get a shell before and unable to recreate the exploit?

i found the password

and username

thx

can someone who rooted machine dm me! need some help!

PM me for advice. I got root this morning despite the “tty shell needed” error and I know how you’re fucking up. I’ll give you a proper hint no spoilers but it’s an easy fix.

Ah okay guys it seems I’m going to admit defeat and ask someone to help me with the root flag! Spent 2 weeks on this now…so got my shell up and running, ran xxxxxx.sh and linenum.sh got all the info I can gather. Tried multiple exploits, tried changing the xxxxxx.sh file and spent countless hours on su and sudo!

Anyone care to PM me with some help…even the answer as I have truly learnt so much on what NOT to do

Thanks guys

i am login in admin ,wich is next step ,i need help pliz ,i am new

Anyone…? pointer in the right direction please…doing my nutter in here

I need help pliz with shell php :frowning:

Still stuck on trying to get root, this is my first HTB. Any help would be appreciated to get root!! PM me!

Masterrabbit - there are a lot of hints and nudges in the right direction in this thread.

It’s all about enumeration at this point. Once you find it, you will wonder how you didn’t notice it sooner.

i found the exploit but it’s not working …how to set targeturi ?

Set targeturi the same way you set other variables in metasploit.

If unsure what it should be think about what a uri is

Spoiler Removed - Arrexel

Is that the full uri?

@AgentTiro i dont know

Spoiler Removed - Arrexel

Spoiler Removed - Arrexel

@darthgucci i got it ty :slight_smile: