Official Feline Discussion

Official discussion thread for Feline. Please do not post any spoilers or big hints.

Yeah, I could use a bit of help on this one. I see the obvious path for the foothold but have no idea how to trigger it. Would appreciate some reading material or a nudge.

FYI, sample area (upload file) is functioning with Chromium but not from Firefox for me. I’m using Kali Rolling.

@sparkla said:

I see absolutely nothing obvious. There’s u***.j** that’s pretty much happy about anything you feed it, except for a certain type.

I found a l******.t*t file also. Concerning the author of the website code, with a link.

@sparkla said:

@choupit0 said:
I found a l******.t*t file also. Concerning the author of the website code, with a link.
That’s usually just the author of the free html-template.

Yes, nothing interesting.

Does this box require setting up p**tfix or something similar? If so, could one point me to good resources to securely deploy an S**P server? Thanks

I’m pretty sure I know what the vuln to exploit is. I know uploading a certain filetype leaks a lot of information about where the uploaded file is saved. I can upload my sed ot "son" file. But can't find the good path to make my JS*****D point to it… If someone can give a nudge. Or share some thoughts.

Edit: Finally got it! Path is really helpful…

Edit: Rooted. Amazing box! Thx @MrR3boot and @MinatoTW

No idea what it is doing on the backend, like folder structure to get se***d ot file

I am able to upload certain files from the service page (except image files) but I cannot find where the file is uploaded. Can someone give a nudge…

Same as above… no idea where to find/use uploaded files. Nudges please 🙂

I'm trying to read u*.j*p to see where the files I uploaded go, but I get invalid request. Not sure if my steps are correct or not.

.

@m1r3x how did you find this kinda file, I have already used filter to extract all js files in gobuster. It revealed only u****d.js

@offs3cg33k said:

@m1r3x how did you find this kinda file, I have already used filter to extract all js files in gobuster. It revealed only u****d.js

nvm, I wrote wrong file name by mistake.

I can see the filepath where it attempts to put the file you upload, just have no idea how to utilize it. Any nudges? 🙂

Are we sure that there is any kind of analysis on the uploaded files?

Rooted, great box 🙂

Got user! Very educating user process.

@Caracal said:

Rooted, great box 🙂

any nudges for root?