If someone is able to give me a hint for foothold, I’d appreciate one.
Try harder.
Thought I’d blow past this one but stuck at foothold
Do we need to go after the upload? I can’t seem to find mine. Tried tinkering with other fields but to no avail.
EDIT: just rooted. this box is really meta. Jesus
Any possible hints? 3 hours led to nothing so far.
Got user, but am I barking up the wrong tree with s—l----s.s-? I’m pretty confident I have a helpful input line, but I don’t see what triggers s—l----s.s- to execute. My line is just sitting there and the lines don’t seem to be being blanked out. (I can trigger the thing to add its own ‘normal’ lines, too, but I can’t seem to trigger s—l----s.s- to read it…)
EDIT: Oops; I realize now that I broke it when I was poking around. In case anyone else makes the same mistake I did, just make sure you don’t accidentally delete/recreate the file that it’s reading. (I didn’t realize it was being triggered by in—n.) Rooted; fun box, thanks!
Must be missing something… taking longer than expected on foothold. Can anyone give me a nudge?
EDIT: rooted. could’ve done faster but anyway. Thanks 0xdf for creating the box.
the server executes commands based off of user input. think of exactly what commands are being run on the server (with arguments), and search for vulns from there
rooted! Good easy box. Thanks 0xdf
Can someone give me a bump? I think I’m making foothold harder than it has to be. Did you need to use Burp?
Nop burp is not used here
Got user. Any hint for the next step?
Does anyone have a link that could be useful, or a link that gives more information about the attack vector?
Thanks.
A little hint for me for user:
Please make sure that you are using the latest version of Metasploit.
I’m getting an error when I try to set the OS to Linux on the webapp, is everybody having the same issue? Just trying to figure out if I’m on the right track.
rooted, nice box, finally a real “easy” machine
rooted. good box. overlooked privesc for a while but it’s pretty straightforward.
I always get an error in OS Linux. Annoying.
Rooted, thanks to the creator of the box.
root@scriptkiddie:~# whoami; id
root
uid=0(root) gid=0(root) groups=0(root)