Official Ready Discussion

I was working on Worker and got frustrated. So I decided to try this nice new one for a change of scenery. “It’ll be something new and different” I thought… LOL

~~Anyone able to get a shell? I pulled the user flag but haven’t found a way to get a callback on my reverse shell. A nudge would be greatly appreciated ~~

Disregard. I had a shell the whole time. I’m just blind :lol:
I looked at who else I should go after and then went back to the UI much like a very recent box. I see a project but unsure if this is a rabbit hole. I was thinking there might be juicy that they accidentally pushed up.

Learned a lot from this box, was a fun challenge and showed me some cool new things :smile:

Interesting box.

Type your comment> @exord26 said:

i’m got user, some tips for root ?

Any tips for user?

Not a very creative box…felt like I was redoing laboratory for a bit there…

Got initial foothold, any nudges for user dd

User was fun… root is driving me insane. Doesn’t help that I can’t seem to get an interactive shell to work…

got foothold
stucked on user esc
got root

Still can’t find a way to get D user…
I got the /r***_p*** but doesn’t seem to be working on any user.
Any nudges will be appreciated
edit: rooted
uid=0(root) gid=1001(xx) groups=1001(xx)

Type your comment> @ElleuchX1 said:

Still can’t find a way to get D user…
I got the /r***_p*** but doesn’t seem to be working on any user.
Any nudges will be appreciated
edit: rooted
uid=0(root) gid=1001(xx) groups=1001(xx)

any nudge for D user? @ElleuchX1 @Embargo

Looking to discuss. Got root flag but definitely not intended way. Never got. Shell. Lol definitely an odd box.

Finally rooted this machine and got the flags an unintended way. Nice box with some new learnings.

I got shell with g user, but got stuck afterwards. Any nudges? :slight_smile:

can’t find the root flag pretty weird

Hey, I can’t find anything interesting. I already searched for directories with Dirbuster… nothing. Looked for something interesting in the source code… nothing.
I would be very thankful if someone could give me a hint to what to look for, maybe via pm.
EDIT: received a hint :slight_smile:

Is the machine broken as there’s no root.txt anywhere?

Type your comment> @purplenavi said:

Is the machine broken as there’s no root.txt anywhere?

Not broken. There is more work to do. This is where I am at and am having some errors with my process.

I read the user flag real easily (using one technique against the software), but don’t seem to be able to get RCE (using a different technique against the same software), even though I’ve used this fine in other challenges. Therefore I can read a lot of things, but no shell for g or d user. Going round in circles. Anyone able to help me get back on track?

Edit: the RCE technique worked fine - I just had bad characters in my payload. Got root, and more. Good box - definitely learnt a few things - including to not take anything for granted and keep disciplined.

any hints for initial foothold? send me a pm pls