Got root, dug a bit further based on some pointers…
Finally I got a limited webshell. Anyway, I have a problem establishing a real reverse shell connection. I tested all I know. Please, I would really appreciate a hint via PM.
@cvrloz said:
Please help, I’ve found some directories but no file so far, always having a 403 Forbidden error, what’s next?
any hints uploading the file?
Hi, have found the page and corresponding directory. Have established what can be uploaded but am having trouble getting that uploaded file to work how I want it to. Have tried all the methods I know about by using Burp. A small nudge would be appreciated.
Thanks
This box is kicking my ■■■. I found a directory where I’m assuming I should be able to place a file to give me a reverse shell, but I can’t seem to figure out how to upload a file at all. I’ve thrown every enumeration tool I’ve got at this thing and come up empty handed. I thought I found an RCE vuln but it seems that all I can do with it is DoS, which isn’t helpful. I’ve spent way too much time googling things related to the name of the box, the architecture of the web server, and the picture on the one static index page…
Can someone give me a hint on getting an initial foothold?
@Cryovenom said:
This box is kicking my ■■■. I found a directory where I’m assuming I should be able to place a file to give me a reverse shell, but I can’t seem to figure out how to upload a file at all. I’ve thrown every enumeration tool I’ve got at this thing and come up empty handed. I thought I found an RCE vuln but it seems that all I can do with it is DoS, which isn’t helpful. I’ve spent way too much time googling things related to the name of the box, the architecture of the web server, and the picture on the one static index page… Can someone give me a hint on getting an initial foothold?
If you haven’t found a place to upload, maybe you should focus your enumeration on the server technology. You don’t need a huge wordlist, just play with parameters. Think about the kind of pages that you may find.
I know what to upload and where, but still not working… If anyone is willing to help me see what I’m missing a PM would be great.
@NinjaRockstar said:
I know what to upload and where, but still not working… If anyone is willing to help me see what I’m missing a PM would be great.
Same here, any kind of hint on the payload would be greatly appreciated.
@NinjaRockstar @natalioruiz If you google for exploits by uploading [thing you already know] you find an article with a small PoC - you can use this to check if code is executed. Replace the PoC code lines by a command for executing system commands in that language and parse the multi-line output.
Stuck on this box. Enumerated and found a way to upload files, know where the files are uploaded, bypassed file upload protection, and know that I can run code in a certain language, but any useful code in that language, such as running a system command, results in a 500, apparently because the box’s designer intentionally made it so that specific libraries needed to run commands etc. would not function. No matter how simple the payload, it just doesn’t work. Have yet to find a way past this problem.
SOOO… no ■■■■… there I was. Able to upload to the server but unable to execute or find the right payload (can’t figure out which is the problem). Messed around with file name manipulation while uploading with Burp to no avail. Can anyone give me a bit of a nudge on how to get any presence on this box? PM if possible.
Found a file I can upload and mess with… just can’t figure out which coding language / syntax to utilize to take advantage of it…
Got a shell. Any tips for finding user.txt? I feel like I’m missing something.
It’s a Windows box… all the users are in a certain users folder… all users have a desktop…
Hi, I found RCE. It is working sometimes, but sometimes it isn’t working. Why? Hint please, PM…
@RageQuit, yeah I missed the obvious there somehow. Stuck on Privesc now, any hints would be appreciated
I’m probably missing something stupid. I can run almost any command I want on the machine using an uploaded web command shell, except for getting a reverse shell, which results in a 500 error. Any hints on where I should look next? Thanks
Rooted the box last night.
Really good box, I learned a lot. Thank you @mrb3n
I don’t get it. Everyone gets root so easily yet here I am… trying every privesc exploit from x86 and x64 suggesters and still staying as a user…
@Thun said:
I don’t get it. Everyone gets root so easily yet here I am… trying every privesc exploit from x86 and x64 suggesters and still staying as a user…
Same place ;(