how can i get user1 and user2? please

Type your comment> @madm4n said:

i got 3w-data , and stuck. can not find anything useful

switch user, you have already found the creds earlier on which is useful now, but not useful in user flag.

lol what a journey
i spent more time fighting resets . Like i had to repeat over and over again because the box was getting reset evry 5 mins

For the shell like one of the members mentioned there is a way not so intrusive like the RCE .So i didnt use it .

Root was nice ,a well know technique a little google will give you what you need .

@ASHacker cool box!

I would like to try it too, but the portal is always offline, can anyone stop breaking the site?

@luca76 unfortunately is like that the site is stable for 5 mins .So you have limited time and repeat 1000 times .: (
But apart from that the box is really cool and like always people spoil it a bit

yes nothing to say on the box and very funny, I’ll try again this afternoon, now it’s impossible to work on it

need nudges in bypassing h** login page…

Rooted!!! this machine.
Thanks to my teammate @Centip3d3 for the nudges.

So my little advice is “txt is superior to py” For everyone sake please use the non destructive way in rather than ruining everyone’s game. Root was breeze and enjoyable.

Just got root, thanks to @Zard and @Dark0 for the nudge.
I have never knew the blue whale and the cache can do this kind of magic…

Rooted late last night. My favourite past was was the second user. Never used this service before. Overall an excellent box.

Type your comment> @garffff said:

Rooted late last night. My favourite past was was the second user. Never used this service before. Overall an excellent box.

me too… i have never thought this can be exploited… just learned about this moments ago.

rooted, thanks for all who helped me…

user: was not easy for me, as it required to understand the chained vulnerabilities and what to extract…

user2: not that difficult as it related to the box name…

root: quite easy, gtfo, as mentioned by others in this forum…

you have to do something it is not possible so, the riane box up only for a few seconds and then down again

Cool! Foothold was most “annoying” part.
The rest was really easy.
From login to root took less than 1 hour and half.

Honestly I would rate this a green machine!

Little help, if you’re stuck on H** login page, use Google to get info on the running service. DuckDuckGo won’t give what you need.

For nudges PM.

Phew!!..finally. I think I took the long way round but I eventually managed to get root. I won’t leave any hints here because what’s already here will get you there (eventually). I certainly wouldn’t have got here without the hints so thanks to all you smart cookies.

That was a lot of fun, especially the path to root. Straightforward if you know the tech, else you’ll need some research. Thanks to the box creator.

I’ve been experiencing severs connection problems (I cannot reach the p***** or any other site on port 80) every 2 minutes on vip with that box, does anyone else have a similar problem?

Type your comment> @mrvanee said:

Well this sucks. on the login page there is now just a PHP shell… Don’t know who did that :\

They call themselves hackers…I thought part of it was being covert?? I snuck a nice webshell somewhere that’s very well hidden and disguised so I have a backdoor.

How come the vulnerabilities are not in Searchsploit ?