Bounty

Got working RCE with tiny web shell. I don’t know where the ■■■■ is user.txt. Need some nudge.

edit: User.txt took too long then got root.txt in 2 minutes.

Anyone willing to PM? Got an alert box, and all the google in the world says that people stop at this point because it usually requires a user attack. Would love some more information on how I get from arbitrary JS execution to RCE.

@raouf09 said:
anybody can pm about rce and 500 error

Box unstable. >.<

I’m still stuck on this box. Can someone help me?
I upload a file but it shows me ERROR 404 or 500, and I can’t get a shell >.<

Edit: I got root, I have some questions about getting ROOT
Thank you @mrb3n, I learned so much. :+1: :smiley:

Hi, I enumerated box, I have a RCE and uploaded but … I can see it. Any friend can give a hint by pm? Thanks in advance

Not loving this box. Finally got user, and that was just ridiculous for the difficulty. Too many times I would have the reverse ready, only to come back to a 500 or 404 page.

Now I’m in, but have no clue where to start for root. Checked out files, process, even registry keys and just have not found a thing.

@Chuspi1k said:
Hi, I enumerated box, I have a RCE and uploaded but … I can see it. Any friend can give a hint by pm? Thanks in advance

If you upload code, but can’t find it or execute it, that’s not RCE… That’s RCU (arbitrary code upload… Lol)

Find out where this stuff is going, and figure out what you can access.

@Andromalius said:

If you upload code, but can’t find it or execute it, that’s not RCE… That’s RCU (arbitrary code upload… Lol)

Find out where this stuff is going, and figure out what you can access.

Thanks buddy, keep trying

Hello,

I am in need of some help and mostly just want to talk through what I’m searching for on Google and the specific methods I’m trying to use to bypass something. I feel like I’m on the cusp. RCE, not privesc. PM me if possible, thanks

@Swash said:
Hello,

I am in need of some help and mostly just want to talk through what I’m searching for on Google and the specific methods I’m trying to use to bypass something. I feel like I’m on the cusp. RCE, not privesc. PM me if possible, thanks

Got past that part. Still having some difficulties with privesc, small oversights I’m sure. Any help still appreciated, thanks!

Can someone pm me on the initial foothold? Running into problems finding what I need to w/ certain extensions

@jbakes1740 said:
Can someone pm me on the initial foothold? Running into problems finding what I need to w/ certain extensions

Have you tried dir search? And noticed what dirs? Can you guess what will be the framework running on the server? What file extension will be running on the framework? Have you tried to search the file extension?

Can anyone help with the PrivEsc?

Edit: Rooted! Struggled getting reverse shell from the webshell but once I figured that out, rooted within 30 minutes

Hi,

I can upload, and I know where the files are going to, but I can’t get code to get executed. Can someone give me a hint? Thanks.

I am not finding a way to bypass file upload restrictions. Can someone give me a hint?

Got some help with the upload and managed to get RCE, but how can I get an interactive shell? Any hints? Thanks!!

Took me a while, but I pwned Bounty. I was almost there all the time, but after many, many hours it clicked. Thanks for those who helped me and for the creator of the machine. Learned a ton!

Hi guys, I’m very noob and I don’t know how to start this machine. I found an interesting directory, but I only know this machine works with IIS 7.5. I also tried with Burp Suite but had no luck. Somebody please help, or send me a PM

Would someone please send me a PM - I’m stuck in a rabbit hole and need a little help with RCE.