Official Feline Discussion

root@VirusBucket:~# id
uid=0(root) gid=0(root) groups=0(root)
root@VirusBucket:~# whoami
root
root@VirusBucket:~# ls
root.txt snap

what a great learning

thanks to @jkana101 also thanks to @MrR3boot and @MinatoTW for this box

lesson learnt: take notes. I forgot what i did to get something and now cannot replicate o.0

Rooted. A lot of interesting new things.
Thanks to MinatoTW & MrR3boot for this box

Rooted. I had a helluva time with this one. I was banging my head against the wall due to some typos on my part.

Fun box. Learned some stuff, nearly jumped off a bridge. Good times.

Yess, got root finally! The root was hard, but only because my knowledge of containers was limited. A really good and educational box, I learned a lot. Thanks!

If you need nudges, happy to help.

Rooted. Great machine, yes. A lot of interesting new things for me too.

Thank you to @MrR3boot and @MinatoTW :slight_smile:

Really fun root path, cheers @MrR3boot and @MinatoTW

If anyone can help with getting the right path, will appreciate it. Been stuck for the past days on that

It was really a good machine. Just now rooted it. A highly educational machine. I learned a lot of things I never heard of before. Thanks for the box creators. The only thing which was annoying is from the user shell, whatever file we upload, it will get erased suddenly. So we need to act quickly, it frustrated a lot. But the lateral movement and root part is completely new for me.
My hints:

For User: Analyse the request and response and google FU.
For Lateral Movement: Check all the open networks and analyze it with nc. Google it for a CVE.
For root: Once you’re in, check all the files in ‘~’ and google FU.

@gunroot said:

It was really a good machine. Just now rooted it. A highly educational machine. I learned a lot of things I never heard of before. Thanks for the box creators. The only thing which was annoying is from the user shell, whatever file we upload, it will get erased suddenly. So we need to act quickly, it frustrated a lot. But the lateral movement and root part is completely new for me.
My hints:

For User: Analyse the request and response and google FU.
For Lateral Movement: Check all the open networks and analyze it with nc. Google it for a CVE.
For root: Once you’re in, check all the files in ‘~’ and google FU.

It is possible to have a user shell without even upload a file, apart from the file that you call, it save you time and frustration :wink:

Type your comment> @Likkch said:

If anyone can help with getting the right path, will appreciate it. Been stuck for the past days on that

Dm

thx @MrR3boot @MinatoTW

Great box, learnt a lot! pm for hints ^~^

Thanks @iampachinko for helping on user. For now great box :slight_smile:
Rooted, nice one.
Remembering from previous @MrR3boot boxes, he likes three times commands to be executed .

one of my all-time favourite boxes, very realistic and current, popular technologies

Very good box.

It is also one of those boxes where just as you think you’ve finished, you realise you haven’t.

Spent an inordinate amount of time dealing with typos but if you can avoid that, User is a known method for the technology in question.

Getting root took me longer than it should and I still dont know why. I was fairly confident I’d done everything correctly but it didn’t work. In the end, a modified approach was successful.

it was one of those machines where i would poke around a lot after getting the root flag to try out things beyond getting the flag. Always a sign of an interesting machine.
Getting root also took me some time, but it was very rewarding in the end and a great experience.

Type your comment> @TazWake said:

It is also one of those boxes where just as you think you’ve finished, you realise you haven’t.

I can sense what you thought that time. ?

@gunroot said:

I can sense what you thought that time. ?

(nodding)

Rooted. This was fun and educational. It is amazing that we always learn something new even though it seems there is you know everything about specific application :slight_smile:

Thanks @purplenavi for nudges.