Official Luanne Discussion

Any hint to get the foothold? I found the /w****/f****/c*** parameter, but I can’t find what I could “inject” into it.

Honestly I think this was pretty hard. Harder than some of the other ones at least.

My little hint for foothold: Look at the box name, escape the code after parameter value, encode it and then comment it.

Tough box, especially because of the few rabbit holes, and also the p**g command does not work, so I always thought my in**tion does not work. The user part I have gladly seen before on another box in the past. The root part was also not too easy for me because I thought I had to use open***. But finally got it :slight_smile: If anyone needs help, just PM me.

@mach1ne I really can’t find what to put after this parameter; despite my research it’s hopeless :D

Hey guys. Can anyone give me a nudge, or a brief explanation of how that service on port 3*** works? I solved it with tips, however how can someone find that logic of the service in the first place? Any help is appreciated :)

@sec1pps said:

Hey guys. Can anyone give me a nudge, or a brief explanation of how that service on port 3*** works? I solved it with tips, however how can someone find that logic of the service in the first place? Any help is appreciated :)

Look at how it was started and you will find why you get the information you got :wink:

Hi guys, I want to get a reverse shell using the ci** parameter. I used a command that worked for a friend, but it has been impossible for some time to use it, both for me and for him… I get this error: “Lua error: /usr/local/webapi/weather.lua:49: attempt to call a nil value”

@UVision said:

Hi guys, I want to get a reverse shell using the ci** parameter. I used a command that worked for a friend, but it has been impossible for some time to use it, both for me and for him… I get this error: “Lua error: /usr/local/webapi/weather.lua:49: attempt to call a nil value”

When something doesn’t work that should work, try resetting the machine.

I have already reset the machine more than 4 times, without success.

@UVision said:

I have already reset the machine more than 4 times, without success.

PM’d you.

@HomeSen No problem.

Thank you @polarbearer. Was a nice box. Learned some new things.

Tips:

  • Enumeration, enumeration, … & read the information you get carefully.
  • Once you figured out what OS it is, try to google for alternative ways/tools for this very OS if your usual way does not work.

Finally got the root flag :) Many thanks to @HomeSen for his (big) help.

Feel free to pm me if you want some hints.

Well, that was a pretty difficult “easy” box, but really only because it uses software most people, including myself, are not familiar with.

The hardest parts for me were foothold and user. But, the information is all there, there is really very little guesswork or brute forcing.

Foothold: Do basic enumeration and play around with what you find. If you cause an error to occur, you’re getting warmer. Learn about the technology behind it and remember that before you can say something new, you have to finish what you were saying before :wink:

User: This stumped me for a while, but all of the hints are there, really. Enumerate and you will find something that’s not available from the outside. Forget trying the same thing as before, it won’t work. Also, consider that while the name of the program looks very familiar, it is actually something different. Study the manpage and what every option does and you will find the way forward.

Root: Stay where you are, you will not have to look very far. Everything you need is right there. :slight_smile: Just remember everything is just a bit different than you’re used to.

sheesh that box kicked my ■■■■… I’d been feeling quite confident after doing Lab and Tenet in recent weeks, but I seemed to blunder my way through this one.

A fortunate typo helped with one thing, and then Google’s “Searches related to…” steered me in the right direction for root.

unable to get a stable shell using the conventional python technique!!!

@in3vitab13 said:

unable to get a stable shell using the conventional python technique!!!

Maybe python isn’t on the box or isn’t configured in the way you are calling it.

There are other techniques you can use your way to bash onto the box or even keep a pet cat.

Rooted!

Excellent box, not that easy but very interesting :).

PM if needed!

Just rooted, great box indeed! Learned some new things. One of the things I liked the most about this box was that the things you needed to root it were pretty well spread out - and what seemed to be red herrings were not if you could connect the dots. I think the biggest thing I learned (besides the OS) is how to be very meticulous about documenting your enumeration.

foothold

This one is a bit tricky and very easy to miss, and I would argue the most frustrating part.

your recon needs to be very extensive. Think of going beyond default options in your own tools and well-known wordlists, but also think of default options in the target. It’s a combination of exploiting info disclosure (from the app - both high and low ports), exhaustive and recursive web recon and learning a little bit of moon language.

user

Very fun and reminded me of the old school way my university would sometimes serve documents - sometimes in someone else’s home. Also reminded me of some lectures in sys admin classes about some file that is very sensitive to web servers. Loot away! Use this in conjunction with some of the info from your foothold recon stage. Someone mentioned something about a squiggly. I like to think of this as blindly grabbing a snack out of a vending machine once your arm is in deep enough that you can’t see it - but if you more or less know how the snacks are organized, you know what you’ll be getting :slight_smile:

root

This one was extremely interesting and I am wondering if anyone did it “offline” (if you did, please PM me). Once you are in as user, pillage away. Find the secret and invoke the power in the way this box likes to be talked to.

Sorry for any potential spoilers. I tried to be as metaphorical as possible, but this box really challenges you to piece it all together. Very fun!

I have found 3 open ports. I can browse two of them, but both need credentials which I don’t have. I have also found some places to visit and can even plan on which day to build a snowman or take a sunbath. If I try to add something to my plan I get errors like “SyntaxError: JSON.parse: unexpected non-whitespace character after JSON data at line 1 column 46 of the JSON data”. If I add a double-cross after the place to visit, the notes after the sign get ignored.

Until now I couldn’t get any moon-related issues, so I would rather skip this info from the forum.

I’ve read all the comments at least 2 times, but I can’t get further. I would be glad for a hint.