Curling

r00ted. Thanks for all the hints. I liked this box a lot with the Joomla bugs and getting my reverse shell, but the fun ended after that. Getting user – I can’t imagine someone actually doing that in real world… I mean maybe a few odd folks here and there, but the first part was great because of real world, getting the PW BKUP was kinda goofy.

Now root was interesting as this is a concept I def. could see happening in real world. Thanks guys!

Enjoyed this box. Very interesting and does provide a real world setup with getting a reverse shell going taking advantage of the bugs in the Joomla App. Thanks to the developer for putting it together. Thanks to ZaphodBB for teaching me a new command to use.

This machine was fun. PM if any hints needed.

Hi, I am new to HTB and new to OffSec. Can anyone give me a hint on how to find the user and password? I found those base64 strings and decoded them, but it outputs a URL path.

If only the Curling machine could shout: please stop bombing the index.php. We cannot use the machine.

4 restarts within 20 minutes, the machine is not usable atm…
Stop restarting the machine and changing the index.php.

Rooted the box. Getting user.txt is a pure CTF thing. But getting root was fun and very easy. If someone needs a hint - PM me.

Nice box, getting root.txt is easy, but root shell is a little bit tricky.

Root was very funny :)

I got root.txt but I’m not sure if it was me or not. Can somebody help me? xd

Can someone pm me a nudge in the right direction (other than “don’t over think it”) for Curling? I got p*******b***** file but I’m not sure how to start decrypting it.

That was a nice CTF box :)
I see so many people digging WAY too deep on the box.
Best advice is to not overcomplicate and look at what is right in front of you (classic advice, I know lol…)

Can anyone help a noob privesc from www-data to user? Unless I went about getting a shell the wrong way?

@cognitiv3 said:
Can anyone help a noob privesc from www-data to user? Unless I went about getting a shell the wrong way?

Check your PMs.

Can someone point me in the right direction for getting a shell? I’m almost positive what I’m doing is correct, but I’m getting an error message that I don’t believe I should be getting.
EDIT: The error I’m getting is “You have tried to upload file(s) that are not safe.” except I’ve whitelisted and removed all file type restrictions in order to allow .php.

@nergalwaja said:
Can someone point me in the right direction for getting a shell? I’m almost positive what I’m doing is correct, but I’m getting an error message that I don’t believe I should be getting.
EDIT: The error I’m getting is “You have tried to upload file(s) that are not safe.” except I’ve whitelisted and removed all file type restrictions in order to allow .php.

I believe there are many ways to solve this. If you don’t mind missing why something doesn’t work, you may just try other (though maybe similar in concept) attempts.

help root …PM

Anyone else getting this when trying to connect to the box? I tried the reset button but it’s not resetting.

WARNING: Failed to daemonise. This is quite common and not fatal. Connection timed out (110)

Whoop! Finally got root.txt and really enjoyed it. Learnt a few things even from the dead ends I ended up at. :)

No idea what to do with the p******_b******* file. Any tips?