For the last step. You can use a web thing, and it’s as simple as you think it is, just cut out all of the other ■■■■, and use whatever old faithful tool you’ve used since the 70s.
Rooted! That was a fun machine.
Definitely spent more time on google than my actual terminal but I learnt a few new things.
Feel free to PM me for nudges.
Anyone have a nudge on the reverse shell? I have RCE but can’t create a connection back to my machine.
As always with Java in particular (but also other server-side languages in general): Don’t try to build too complex payloads. Often, it is better to download (and then execute) a shellscript to the target machine, and make the script do all the heavy lifting.
@Sketrik I was 100% sure that I tried that and that it didn’t work, but I proved myself wrong, I have a reverse shell now. Thanks for making me try it again!
I really should pay more attention when changing variables in the pre-written ones I suppose.
@HomeSen Thanks for the tip! I’ll keep it in mind for the next boxes on my list.
i got a connection back from nc but cannot get a shell with -e even with basic bash rev shells !
is this a part of the challenge or what?
Well, yes and no. Java in particular (but also other server-side languages in general) doesn’t like complex payloads. Often, it is better to download (and then execute) a shellscript to the target machine, and make the script do all the heavy lifting