

  • OMG, don't get lost as myself when you try to use flag as password for zip file you downloaded to get source txt:D
  • Rooted! Wonderful.
    in Jarvis Comment by karelchajim June 2019
  • FINALLY ROOT! OMG OMG Almost month spent on this box. Two weeks learning framework, crying I am not able to make it run. Then, suddenly, it worked locally, then, another almost week of crying I am not able to do it remotely. But then it was like mir…
  • OMGOMGOMGOMG, rooted.
  • OMG, there are no slabs, no cachedump, no stats items...what I should do with this daemon?
  • Wonderful box! I really appreciate the ending:)
  • Got it! It was very big mountain to climb on. That vhd - nice touch. I usually do not do win machines, as I am more comfortable with Linux machines, but this was very nice one!
    in Bastion Comment by karelchajim June 2019
  • Ufff, this one was weird. Tried few different ways, but finally! Rooted!
  • Got it! OMG! I was blind at first, but when I realized what is going on (I missed one login page!) it was piece of cake. Enumerate, enumerate, enumerate!
    in Luke Comment by karelchajim June 2019
  • This is very nice box! Got root and user, by time and kernel. Will try the other way too. Thanks!
  • Nice box. Pretty straightforward, but on public lot of restarts which are not necessary. No bruteforcing, little enumeration, little iteration, nice powershell touch. Good box!
    in Netmon Comment by karelchajim April 2019
  • Rooted.
    in Hawk Comment by karelchajim July 2018
  • OK. Got root. @lokori I must say that this was really fun box as I was pushed to borders of madness when I wasn't able to do anything with that upload. And another point of frustration was privilege escalation until I realized I can revert what was …
  • Got user. OMG. I already learned I shouldn't take for granted any knowledge I suppose I do know as I was forced to start from very beginning of XML tutorials to learn, how to do this injection. @lokori, you devil!:D Now working on priv esc. Great b…
  • OK. I am able to send XML to server. I am able to send request to myself from server. But that's all. Is there any hint where should I look to see my uploads? Or how should I proceed from here?
  • Well, I need some push with that xml. I am trying to upload classical XML, when I tested XML injection, I was able to delay server response, but I am not able to get anywhere. I understand I should format it author/subject/content in some article, o…
  • Rooted! LOL
  • Ufff, rooted! (well, actually I was trying to crack root's password, but it was just too slow, so I made workaround and just asked for a root.txt file. I am not sure if this is the way, but it worked)
  • (Quote) It is because you have PHPSESSID in Cookie. Just remove it and sequencer will be able to capture tokens. But I am not sure, what to do with those, as I used tool for pad busting, successfully decoded cookie, but got stuck after this point unt…
  • rooted, thanks
    in Poison Comment by karelchajim July 2018
  • rooted, thanks
    in Jerry Comment by karelchajim July 2018
  • I am able to inject code, read files through log, but I am not able to get reverse shell:-/ Neither I am able to upload file...stuck:-(
    in Poison Comment by karelchajim July 2018
  • Well, I am able to login to manager/status, but when I try those creds to manager/html, I got 403 immediately. If I try other credentials I was asked for usr:pwd again, so I assume there is something going on. WTF:D
    in Jerry Comment by karelchajim July 2018
  • (Quote) nevermind. got it. omg
    in NIbbles Comment by karelchajim June 2018
  • Eh, I am really stuck. I tried this box several times now. I crawled website, directories, find out xml with username, but I am not able to guess password. Whatever I tried, I failed. My combos of usr/pwd do not work at all. Could you please hint…
    in NIbbles Comment by karelchajim June 2018
