Official Bucket Discussion

Type your comment> @LMAY75 said:

I’m not very familiar with this service, not sure where to query. Found the h***th page that confirmed the service on the backend but not sure how to proceed.

Edit: Nvm, it appears I DIDNT REALIZE THE IMPORTANCE OF A SLASH. God that is so annoying, since when did slashes at the end of a URL matter?

Thank you I already went by it thinking someone else uploaded it or so whatever.

Good box, i rooted with an hint, i was very stuck at that part!

Can anyone DM me ? I think I am close to the foothold, but I still can’t get it.

Can anyone nudge me for user, I have the initial foothold

Can someone PM me please? Having issues at foothold. Thanks

Got it, root was clear and very enjoyable, read the docs and you should get it. user was more difficult becouse a little bit guessing and timing was necessary.

if anyone needs help, just pm me.

~~Can someone PM me with a nudge for root. I can make the correct D******** table and can create a result.**f file. ~~

nm: read more docs and did more google … found answer … got root!

Can anyone give me nudge? first box here. Using A** C** but running into a security token issue after inputting conf a*****ID. Thinking I need to input to a*s to be able to add to enter through remote?

@RedTeamForeman said:

Can anyone give me nudge? first box here. Using A** C** but running into a security token issue after inputting conf a*****ID. Thinking I need to input to a*s to be able to add to enter through remote?

You need to run the configure command for that tool. The actual values you select don’t seem to matter.

Hi guys I’m a little far from getting webshell
I found DyB Ja*** sh** and now I can create bus and obj but when I try to inject a ph* payload in the clo**.png in bu****.*** host, It still plain text and not executed…
Can someone help me plz.

Type your comment

Hi

I own user, but I struggle for port forwarding.
I dont want to spoil, so can someone pls write me in pm for helping me with port forwarding?
Thx that would be cool

I’m looking to trigger my reverse shell (.jsp/.php) after planting it in /a******* or /a*******/im****/ by navigating to it in the browser, but I’m continuously prompted to just download the file (rather than run/execute the payload).

Did you all trigger your non-Dy****** J*** shell this way for the foothold? Or do I need to keep reading through the documentation?

Type your comment> @DVSiiii said:

I’m looking to trigger my reverse shell (.jsp/.php) after planting it in /a******* or /a*******/im****/ by navigating to it in the browser, but I’m continuously prompted to just download the file (rather than run/execute the payload).

Did you all trigger your non-Dy****** J*** shell this way for the foothold? Or do I need to keep reading through the documentation?

Pretty much that way. I’d double check what your reverse shell is trying to do.

The only other challenge I can remember what being quick enough that the script didnt get eaten. I found scripting the upload and the request to the file launching the reverse shell worked best.

Very tasty box, learned a lot new things about a*s.
Thx @MrR3boot for this box.

PM if you stuck.

I am able to read arbitrary files as root and I have the root flag but I haven’t been able to figure out how to get a shell. I have a hash but wasn’t able to crack it. Can someone PM with a nudge?

I just started this box and found what it looks like a shell url, but when I try to visit it with the browser it redirects to like a url with the next structure {id}:{port}/{path_shell} and I can’t open it… Any hint on this?

Rooted. It was an interesting box, learnt some new techniques
Good medium box, took a lot of research to familiar with the tools been using in this box
PM me for nudges if you guys need it

can anyone explain how to access the bucket machine

i am stuck with the pdf file.
i am not able to read or decode it.
can anyone provide me the hint.
coz its the last step where i stuck in after decoding it i will be able to have root access of the bucket successfully