@cichyx96 said:
@Girbons said:
@targodan said: I’m going absolutely mad about the admin login. Can anybody nudge me pls?
Same!
Sad, but same.
Alright, I finally got into the admin page. Turns out I was doing the correct thing for a while but was never quick enough. :neutral:
@gverre said:
Just Rooted. Great box. Initial foothold was hard and was something new for me. This zaBogdan hint is what put me on the track for that first part. Didn’t have a clue at first.
The rest is more ‘classic’, but great fun and challenging.
The root part was new for me too, but easy to spot and exploit after some googling. Thx @MrR3boot
@zaBogdan said:
A little nudge on the foothold.
Sometimes, after a limit, it doesn’t matter what characters are.
Glad that you have learnt a thing or two.
Finally rooted this box. I did learn new types of attacks I have not used before.
Root was a bit painful but as soon as I got the right syntax it all worked.
Thanks @MrR3boot
@bertalting and @gverre pointed me to the right direction and I finally got user. The techniques were completely new to me so I definitely learned something here.
Do you need a shell for root? I retrieved the i**** from user r***** and formatted with fold but still I cannot convert it to ope**** format. Is it the right way to proceed further?
Finally rooted, user part frustrating but interesting, I learned new things, thank you @MrR3boot!
PM me for hints!
This is an enjoyable box - @MrR3boot always makes awesome boxes.
I found getting the user flag much easier than getting a foothold as user but with a bit of ingenuity that finally worked.
Getting root took me longer than it should - I found the path fairly quickly but a series of mistakes with tooling and then typos held me up for ages.
@garffff said:
Finally rooted this box. I did learn new types of attacks I have not used before.
Root was a bit painful but as soon as I got the right syntax it all worked.
Thanks @MrR3boot
@TazWake said:
This is an enjoyable box - @MrR3boot always makes awesome boxes. I found getting the user flag much easier than getting a foothold as user but with a bit of ingenuity that finally worked.
Getting root took me longer than it should - I found the path fairly quickly but a series of mistakes with tooling and then typos held me up for ages.
@nasri136TH said:
Finally rooted, user part frustrating but interesting, I learned new things, thank you @MrR3boot! PM me for hints!
Thanks for the feedback everyone. I love positive vibes about the box.
Rooted.
Thanks for the box @MrR3boot. I’ve learned new useful things from the web part!
User hint: My advice for the entry point (because it was really hard) is to be careful on what kind of service the machine uses to manage data and figure out how to bypass this system. For the second step, however, understand how the two panels can communicate directly and what can be used to read what you need.
Root hint: The root is simple, the problem arises when you are on public servers and the competition is high for both you and the machine. However, as we get to this point, you will understand what the machine does, so be careful when you understand what you need to use… at the syntax!
If you need a more specific nudge, just PM me.
@MrR3boot is absolutely one of the best box creators on this platform.
I’ve still not got root but user was a fantastic learning experience. Lots of different functionality to test with lots of classic bugs re-imagined, combined or used in ways that you don’t usually think about them. Taught me to respect even the more humble bugs and to think outside the box a little bit.
Dreading figuring out how to root this but nonetheless great job!
@syn4ps said:
@bertalting and @gverre pointed me to the right direction and I finally got user. The techniques were completely new to me so I definitely learned something here. Do you need a shell for root? I retrieved the i**** from user r***** and formatted with fold but still I cannot convert it to ope**** format. Is it the right way to proceed further?
I’ve sent you a PM
@HomeSen said:
@syn4ps said:
@bertalting and @gverre pointed me to the right direction and I finally got user. The techniques were completely new to me so I definitely learned something here. Do you need a shell for root? I retrieved the i**** from user r***** and formatted with fold but still I cannot convert it to ope**** format. Is it the right way to proceed further?
I’ve sent you a PM
Thanks. So yeah, the moral of the story is: do not open PDF with classic apps
Still trying to get user (stage after admin panel). People are mentioning some ‘technique’ and I have 1 in my mind, can someone PM so I can confirm I’m thinking right?
Is col**ns.php and seh.php a good point to look for foothold?
Rooted thanks @foxlox
Rooted thanks for all
USER :
_connect as admin in 80
_try to read what you normally aren’t allowed to
admin and standard user is your friend
ROOT :
_suspicious service are running
_CVE and little more
Feel Free to PM
Does anyone have any good reading material on how to exploit the upl***? I suspect it has something to do with .H. Des… with ph… files.
Rooted
Really liked the attack vectors for both user and root, definitely learned something here.
Little critique: I always had other people getting in my way, because everybody is trying to exploit exactly the same thing. I do understand that with the kind of vulnerabilities that are being taught here, this is hard to circumvent.
Thanks for creating this one @MrR3boot!
@mech said:
@MrR3boot is absolutely one of the best box creators on this platform.
I’ve still not got root but user was a fantastic learning experience. Lots of different functionality to test with lots of classic bugs re-imagined, combined or used in ways that you don’t usually think about them. Taught me to respect even the more humble bugs and to think outside the box a little bit.
Dreading figuring out how to root this but nonetheless great job!