@0x23B said:
@UserAlpha said:
I got user.txt (without gaining a shell onto the box). Do you require an existing shell to get root or is the information available through xml enough?Think of ways, how you can login to a machine. You don’t have to pop a reverse shell.
Was using the wrong identity file. Thanks - in as low priv user. Time to try escalate.
@0x23B said:
@UserAlpha said:
I got user.txt (without gaining a shell onto the box). Do you require an existing shell to get root or is the information available through xml enough?Think of ways, how you can login to a machine. You don’t have to pop a reverse shell.
Got root. Thank’s again.
Would someone point me in the direction of using the upload syntax? I’ve been playing around with an online validator but correct syntax/structure in the validator still yields nothing.I cannot seem to get any sort of response other than the Internal Server Error. PMs welcome.
Stuck at priv esc, any hints?
I just rooted this machine tonight after over thinking the path for priv esc. For those of you having problems with it here are some tips:
@lokori thanks for creating this machine! It has been the most rewarding one I have worked on so far. Got to play with a lot of different techniques I havent used yet, learned a lot.
Cheers… On to the next one…
I had managed to guess extension file and I get the callback from “DevOps” but I can’t read any file from “DevOps” I had used many payloads but none of them seems to work
Please PM
can somone PM i am stock at the upload page i cant get around it!
i am able to upload an xml file but dont know where to go from here, could some one point me to the right direction?
Got user. ■■■. I already learned I shouldn’t take for granted any knowledge I suppose I do know as I was forced to start from very beginning of XML tutorials to learn, how to do this injection. @lokori, you devil!
Now working on priv esc. Great box. Really nice CTF design!
well… seems this box has got me on the ropes… cant seem to figure out how to upload with out the server error… im pretty sure ive got the format wrong some how… need to sleep now, but any hints would be helpful. thx
OK. Got root. @lokori I must say that this was really fun box as I was pushed to borders of madness when I wasn’t able to do anything with that upload. And another point of frustration was privilege escalation until I realized I can revert what was done.
Thank you for this fun, it spoiled lot of nice days:D
@L31G0N said:
well… seems this box has got me on the ropes… cant seem to figure out how to upload with out the server error… im pretty sure ive got the format wrong some how… need to sleep now, but any hints would be helpful. thx
just upload the correct format and the correct entity name
if you get error it’s mean you miss something on this format
@takuma said:
@L31G0N said:
well… seems this box has got me on the ropes… cant seem to figure out how to upload with out the server error… im pretty sure ive got the format wrong some how… need to sleep now, but any hints would be helpful. thxjust upload the correct format and the correct entity name
if you get error it’s mean you miss something on this format
ya i prolly overlooked something a bunch of times being tired… been trying to push the limits of my concentration in prep for the OSCP. ill take a closer look at the possible formats. thank you for the nudge…
iam stock after geting user flag, can anyone give a hint how to get root
@takuma
So, is it necessary to bypass the 500 Internal Server Error or you can get what you want with the error present?
I think i am on the right track but enumerating many different strategies (following the hint on OWASP top 10) did not bring me anywhere closer.
Can someone PM me for a couple of guidelines?
Can someone help to me for right xml format ?
Thanx to msslaughter and SpZ for hints !!!
Need some help with xml format. It’s slowly killing my n00b insides.
Anybody here to help with the payload…I can upload the injected file …the server doesn’t show the output and also blind injection is not working…any hints pls…))