Bankrobber

clubby789 · September 24, 2019, 5:08pm

Is anyone else having huge difficulties getting their shell to pop? Sometime’s it’s instant, other times it will take up to an hour

Esplendini · September 24, 2019, 7:39pm

Type your comment> @clubby789 said:

Is anyone else having huge difficulties getting their shell to pop? Sometime’s it’s instant, other times it will take up to an hour

Same here… I dont know why.

combinator · September 24, 2019, 8:25pm

Spoiler Removed

clubby789 · September 24, 2019, 8:44pm

And rooted. Very interesting box, but needs more testing; shell was impossible to drop half the time, and if someone killed ******.exe then it was a reset

Initial access: Enumerate the site to understand how the frontend affects the backend. Don’t be afraid to wait a while if it doesn’t work immediately.
Shell: If a tool doesn’t exist, put it there
Privesc: Once you find the interesting process, the two stages in it are fairly simple variations of things you should be familiar with.

0xskywalker · September 25, 2019, 2:02pm

Pretty good box, but the initial access using the web app is often unresponsive or even takes longer than the stated timeframe

octys · September 25, 2019, 2:08pm

Wasted a lot of time on root because of this:

Hint for root: Once you see the odd thing, forward everything to you. It’s enough to interact with that, no need to see the code.

Hope that helps

OldProgrammer · September 25, 2019, 2:21pm

Thank you for the box, she is great. Rooted !

combinator · September 25, 2019, 3:07pm

Type your comment> @0xskywalker said:

Pretty good box, but the initial access using the web app is often unresponsive or even takes longer than the stated timeframe

+1. Wasted a lot of time because of this. It’s completely unresponsive at the time of writing. My payload worked only 1 time out of 20. And I’m on VIP.

Edit: NVM, I reset the box and got it.

shadyR · September 26, 2019, 9:42am

Stuck on the initial foothold. nothing seems to work. i waited , tried different things but still nothing. any hints please?

Icare1337 · September 26, 2019, 10:10am

Rooted ! was very very nice box !!

w3x · September 26, 2019, 11:25am

pretty bad box so far

sazouki · September 26, 2019, 12:12pm

NOT INSANE…

Kucharskov · September 27, 2019, 8:22am

This box at initial step is sooo slooooooow. Sometimes even restart didint help. Some tips for players: client side, enumerate, bruteforce and half of “answer to life the universe and everything”
If you have a problem with init/user/admin just PM’me. I will try help you

ue4dai · September 27, 2019, 9:51pm

Never mind… I’m just an idiot about being consistent with URLs… /eyeroll

c0met · September 28, 2019, 6:42am

@Kucharskov @1c4re1337 thanks for all the help

dontknow · September 28, 2019, 9:01am

I am chaining vulns for foothold, i can see what can be used for getting shell, but my script not working as i expect.
Edit: if you trying to write your own stuff from the beginning and it is not working, consider using existing things on machine. (not regarding payload, more for vuln structure)
Machine is a bit lagi, so check your testing payloads with already working alongside with them.

kareem · September 28, 2019, 2:31pm

PM for hints
kareem

ml19 · September 28, 2019, 3:01pm

Possible that that box is a lil unstable? Figured out how to basic test a response via a normal user. that worked for few attempts. then stopped. after reset not better.

n1b1ru · September 28, 2019, 6:20pm

I found a vulnerability in a point but I cannot exploit it maybe because unstable box. I need some indication

jayjay25 · September 29, 2019, 8:21am

Can someone PM me, I need a nudge on the initial shell. I have the RCE through x** vuln, but can’t seem to get anything working for a shell…