I think I got the right port for s*********. but seems I couldn’t add any data to it… got similar response “Suspected hacking attempt detected”. Can I have some small hint? thank you. PM.
Hello.
Could you give tips?
I’m learning.
I scanned this machine and I found four open ports.
I connect to an service that there is a file, cause I think it could have a hidden files or directory, but don’t.
I tried BF on the login page, but I didnt have success.
And there is a page that speek about cookies, but the sessions dont have cookies.
I’m lost.
About what should I search and learn for this machine?
Thank you.
First time I encountered a box where something like this was necessary for privesc… Refreshing to get away from mostly web-centric stuff tho. Nice box.
i will apreciate som hint to get user
i found the creds for login
found the cookies and also interact with s***** end get intersting respond “hacking detected” and i think it a way to get rce but i can’t find a wy to do that
anybody can help me
can someone pm me i think im on the right track for privesc, swapped the thing for my own thing to be called by the thing but not working because of S**D??
Edit- rooted thanks snowscan learnt loads getting this flag
got it. tnxs raiden99 for the hint, thou it took me time to figure it out but, it is worth it. learned a lot… tnxs to machine creator snowscan.
Hello, going for user.txt and I’m completely stuck for now. I logged in, got some users info, but I couldn’t bypass the commands filtering on the interface. Any hints ?
@dxaxpanda said:
Hello, going for user.txt and I’m completely stuck for now. I logged in, got some users info, but I couldn’t bypass the commands filtering on the interface. Any hints ?
DM
Looking in my socks I found some stocks, but nothing I hadn’t seen in a shop before. Anyone got suggested reading for digging further?
@Tim0x01 said:
Looking in my socks I found some stocks, but nothing I hadn’t seen in a shop before. Anyone got suggested reading for digging further?
Keep leaving and returning to the store while looking at your socks and something else will pop up.
Need help with user: I am at the place where we can interact/debug with the box but cannot avoid the filter to achieve anything useful.
I did get credentials to login and have used them but can’t see anything else.
PM/hint welcomed.
What a journey rolf, I learned a lot btw, amazing box, thanks to the creator :3 … my littles advices for the journey:
For user: Keep playing hard but keep your cookie maanster as simple as possible :3
For root: Just enumerate… dont fell in love with the first thing that you’ll see… I did…
Cheers!
I am Stuck at the TCP Socket Test… How do I get the login credentials from the TCP Socket test…??
Spoiler Removed - egre55
Need help on privelege escalation … Try_harder seems a dead end as same aplies for myexec
Finally got root after banging my head for 5-6 hrs…
Just wanted to say… Wendell’s password…
\m/ (>.<) \m/
Edit: Got user. PM for any help for user.
I found a interesting service running internally into Dab server named mc***
but as much as I try to retrieve any useful data I still get only:
Output
END
If at least that service give me the name of some user I could try to bruteforce with this…
Can anyone send me a nudge ? Thanks !