Last Active


  • Hey everyone, having trouble with the RCE in the o**n part. Tried everything I can think of.. Im clearly misunderstanding something. If someone could give me a slight nudge in the right direction please PM me :)
  • This box is seriously giving a headache with all the different routes to user/root. If anyone can give me a hint please PM me :). I am at the panel of interest, but still no user or root. Seeing different ways to approach things but nothing is worki…
  • Hey all - ive found the "credentials" and have logged in. Found that the feature is vulnerable to S**i but cant seem to find the right syntax, what usually works for me isnt working. Anybody willing to help me out please PM me :)
  • Rooted I just wanted to post and say how much I enjoyed this box and learned some really cool vulnerabilities and exploits about the service used as well as the method of priv esc. We need more boxes like this!!
  • Anyone able to PM me I would be grateful. I have what looks like a successful exploit but cant find any documetation on the CLI. A point in the right direction would be appreciated :)
  • (Quote) Right hahah, seeing now that hydra isnt the way to go. Ill guess some
  • On foothold: Does anyone else get a positive hit on hydra but the login doesnt work? Ive never seen this before :/ sorry if stupid question
  • After getting user I have to agree with the majority of opinions on this thread that this is a massively CTF oriented box and at a few steps I was purely in disbelief at the approach this box took. Thanks to the few that provided me with some hints!!
  • Currently trying to decode, if anyone is willing please PM me for a hint :D
  • (Quote) Been reading between the lines of everything I can find. I feel like im going to kick myself once I find it.
  • Okay got user - but now completely stuck on priv esc. Got a simple webshell and tried every one liner reverse windows shell on the internet as well as trying various payloads but the box keeps deleting them when I try and run them.... Any hint in t…
  • Hey all, I have gained access to the web app, and logged into what I believe is the service of interest, I'm also able to upload files, but not sure of the approach to get RCE? Im also not 100% sure im in the right service, if anyone could PM me I w…
  • Digging around for user. If anyone has a non spoiler hint please PM me :)
  • Hey everyone looking for a nudge in the right direction re: initial foothold. I know whats happening, know what Im supposed to do, think my php just needs a little tweak. PM if you're willing to give me a small hint :)
  • Working on root and syntax for the s**-*****n command. I've found and am using the files of interest in the command, but still getting strange output. would be grateful for a PM hint!!
  • (Quote) Im in the exact same spot as you, currently digging around
  • Does anyone have any hints for me? I can reach fine but the web app I cant get anything. Was having no problem yesterday. I reset my access config file for openvpn but still nothing...
  • Is anyone else having trouble with accessing the site? EDIT: Do the credentials for the webapp change when the box is reset? My creds arent working anymore EDIT2: Reaaaaaaly struggling with box staibility. Its up for 2 mins then down for like 10, …
  • Followed the evil method, watched the video but still not working.. Might be a permissions problem, please anyone pm me about RCE on this box. Need some hints
  • I'm missing something... Cant find where to log in. nmap isnt showing anything. cant see anything with spider. Anyone drop me a hint in pm? :D
  • Simlar spot as people above - enumerated the port and found an interesting number looking like a password. But no username is working.. Any tips are helpful! :)
  • Anyone please point me in the right direction, I got user flag already. I feel like everyone on this thread has a password hash except me lol. Just a point in the right direction. reading documentation on the tools all of them seem to assume I have …
  • Well that was a learning experience.... Easy user access but struggled a lot with the syntax for commands while gaining root.
  • Would very much appreciate any hints towards getting the root flag! I have foudn the files of interest and know the command i need to use, and have scoured the man page, and i think i know which option to use for it. but not getting anywhere. anyone…
  • Have a low priv shell, digging through the rabbit hole... have the first hint. But totally stuck

Howdy, Stranger!

Click here to create an account.