Official Time Discussion

@PapyrusTheGuru said:

Think I already know the vulnerability, just got to understand how to exploit it lol.

Same here

@PapyrusTheGuru said:

Think I already know the vulnerability, just got to understand how to exploit it lol.

Definitely can relate to this one. I’ve tried a few things out but I’m surprised that it isn’t working. I’m sure it’s something trivial.

Anybody having issues with their root shell not persisting very long? I’ve managed to pop the root shell, but it seems to expire after ~5 seconds.

@toddbrecher said:

Anybody having issues with their root shell not persisting very long? I’ve managed to pop the root shell, but it seems to expire after ~5 seconds.
pm

@Chobin73 said:

@toddbrecher said:

Anybody having issues with their root shell not persisting very long? I’ve managed to pop the root shell, but it seems to expire after ~5 seconds.
pm

Can you please PM me the same thing? I just rooted Time also (with a little help from a friend) :wink: but we both experienced a very, very unstable root shell. It’s enough to get the flag, but it doesn’t feel solid. Any advice to improve is very welcome!

Hello,

After a lot of days of enumeration and learning I found the right CVE. (Or I guess I did.)

Is anyone kind and can provide me some tips in regards to how I can make the exploitation?

I cannot write here what I tried so far, but I can send a personal email with everything that I tried.

If any of you with more experience can provide some hints to a noob like me, is more than welcome!

Thank you!

Honestly though, why isn’t this box rated insane?

.

The user asked for some time, but the rest was easy except that the root shell was quite unstable. It can be kept next to Traceback if I consider its easiness.

I think I’ve found the vuln, although there are two that I’m looking at. Not sure if maybe I am mistaken and maybe just going down a rabbit hole. I am getting an error “Objectno such class found” when trying to use the “zh****.HC” class.

Can’t seem to get a foothold on this one. I can get the error (V********n f****d:) but can’t seem to find any CVEs. Can someone help me out?

Rooted.

Hint for user: Start with latest CVEs first. Not doing this wasted a lot of my time.

PM for nudges.

Nice box. The hardest part is finding the right CVE; after that it’s pretty straightforward.

Rooted!

Finally! It was super interesting on the user part. Big thanks to @zaphoxx for the hint on user. Since I’m so noob I actually had difficulty with root but finally found it.

User : it’s all about the right CVE
Root : there are alternatives to cron

Happy hacking :wink:

Hello.

Been searching for this CVE based off my enumeration and the comments on this thread. I’m having trouble. Could someone give a nudge towards the correct CVE?

Thanks!

Edit: Got it.

Hello. Bit stuck on this one. I found the vulnerability but am having problems exploiting it. I think I have to compile my own Java and then paste it in, but I’m having problems compiling something with javac. Getting errors like
Exploit.java:4: error: package com.sun.org.apache.xalan.internal.xsltc.runtime is not visible
Not sure I am even on the right track!

I’m using javac 15.0.1

pwned box :smile: …easy box

user: CVE

root: basic enumeration

PM if you need help.

Need help for user. Not sure about using the vulnerability, can anyone help?

Rooted!!
Thanks @HiddenCry for helping me find that correct POC for the user part.
Finding the correct version of the CVE and the exact POC is a little difficult, the rest is very easy.
Hint:
User: look for the newest CVE.
Root: Trust me, it’s very easy.
PM for Nudges.

In addition to the hints already given, I would say that the key to getting user is to find the right article that explains how to use the exploit… you don’t have to create anything from scratch.