Thanks to @egre55 for this box. Learnt new stuff and definitely put my programming skills to good use :)
So, you know what it is. Look in every crack and hole. You need to get the interesting thing in a specific place.
Rooted :) Thank you @bertolis for the box. Learnt very important and interesting stuff with this box :)
There's info all over the internet. No big deal.
Enumerate a dir that has already been mentioned in the forum plenty of tim…
Finally rooted. Thanks @felamos for the box! The amount of things I learned in this box is insane. Root was pretty hard for me, and capturing that flag was the most satisfying thing ever...
Google like your life depends on it. Take your…
Type your comment> @Pieceratops said:
I also had this issue.
You should try redirecting the output to a place you know your target has permission to write to just to check that your commands are actually being injected. Also, try with o…
Rooted. Thanks to @egotisticalSW and @felamos for this box! It's my first time exploiting something in that language, so I'm glad I learnt something new.
Really the best thing you can do is Google the hell out of that service and play ar…
Foothold & User
Just play around with the stuff in the site. Analyze what you are given and once you identify the tool that the site uses to generate stuff, fight fire with fire. Ask Google what to do next.
Type your comment> @W0rmsp17 said:
Use dirb to enumerate that port. You'll find some dirs. Try curl on each one. As long as I can remember there were just three, so try them all.
You'll know when you get it right.
EDIT: I checked. There …