Dev0ops hints

cardoppler · June 6, 2018, 11:07pm

It’s the first time I give “hints”, so please remove this post if deemed necessary.

For anyone looking to get hold of the user, I can see at least 2 ways in: one being more popular than the other. So at least 2 methods, 2 different places.

@lokori, “how many ways to skin a cat” to get the user, actually? Are there more than 2 intended methods?

dispareo · June 6, 2018, 11:18pm

can someone pm me? I think I have a way in but want to bounce an idea off… Can’t say anymore without spoiling.

Anna · June 7, 2018, 12:25am

i got user flag , i want to ask something in method to get shell
please ,anyone can PM me

Le83nd · June 7, 2018, 12:33am

@Anna said:
i got user flag , i want to ask something in method to get shell
please ,anyone can PM me

Feel free to shoot me a PM if you still have questions.

Demosz · June 7, 2018, 2:46am

Got root. PM me for hints that aren’t giveaways.

raystr · June 7, 2018, 9:29am

and rooted. took me quite a while. I suspect someones messing with the files on the box…

SubhajitBarh · June 7, 2018, 10:10am

canape and this box has similar weakness

SubhajitBarh · June 7, 2018, 10:10am

can pm me if you need a nudge

bmanc42 · June 7, 2018, 11:15am

This one has me stumped. I don’t even know where to start. I found something that can possibly be a way in but I don’t know where my files end up on the system. Once uploaded I can’t run

lokori · June 7, 2018, 11:37am

There are at least three paths One of these is totally unintended and I didn’t even realize it before DesignOops.

inf0sec · June 7, 2018, 6:49pm

Spoiler Removed - Arrexel

cExplr · June 7, 2018, 7:08pm

@Didakt said:
Spoiler Removed - Arrexel

Now that you know of the possibility, try to read as much as you can. One hint is to see what other port is opened and think of what is needed for the service to work well.

inf0sec · June 7, 2018, 7:14pm

Spoiler Removed - Arrexel

cExplr · June 7, 2018, 7:21pm

@nardin said:
Owned… pm if you need

Same

cExplr · June 7, 2018, 7:23pm

Spoiler Removed - Arrexel

lokori · June 7, 2018, 8:06pm

I think mentioning explicitly which vulnerability you should (or could) use counts as a spoiler. Though in this case it’s sort of easy to guess that as the machine isn’t that difficult intentionally.

Kr0ff · June 7, 2018, 8:46pm

Can anyone help me please im stuck at a point where i am not sure which exploit to do. Can anyone contact me please Thanks

Tr4k · June 7, 2018, 11:00pm

This box was simply magnificent, my thanks to the creator for providing us with this experience.

tip: first step in Dev0ops resembles the first step to becoming a giant spider killer

Narmu · June 8, 2018, 12:12am

Got the user but unsure how to privesc, do I need a reverse shell or…?

lokori · June 8, 2018, 7:20am

@Narmu you need to log in to the machine to find a way to privesc. Reverse shell is a good idea