Rooted. This was really fun and taught me new things. Thanks to @Andres7ll for nudges that helped me get user because I was overcomplicating things. After that, root was a breeze. Way easier than I expected!
PM me if you need nudges or hints. I will not give you any straight answers though. I will simply point you in the right direction and help you learn as I did.
Well, I’m probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that… Lost.
@melodicminor said:
Well, I’m probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that… Lost.
maybe you can get the “tool” to build you something …
“something” that opens the door and allows you to execute commands based on the backend technology…
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
I wouldn’t think of this as a “windows” machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
I wouldn’t think of this as a “windows” machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.
ohkay m on it!!
need a little research from my side…will do it!1
I would really like to kill the r******r before he kills me
Uf… finally got the user!
Edit again: rooted! A bit frustrating because of poor performance. But an enjoyable machine overall, and quite realistic.
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
(Quote)
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed
(Quote)
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed
I can imagine that but it seemed to be running every 30s or so. I would upload the thing and before I could navigate to it, R would have run and it would be cleared out.
Not sure what was going on but after somebody reset the machine, it acted normal and I was able to complete user and root flags last night. Fun box with some unexpected direction. I did not see s********n and A**** D****s coming in the same system!