ForwardSlash

So is fuzzing not going to find me that magical xml file? I may have gone down a rabbithole of following the hacker gang’s name and finding a related exploit.

found lfi :slight_smile:
now on to the reverse shell

any hits ??

Type your comment> @anuragd said:

So is fuzzing not going to find me that magical xml file? I may have gone down a rabbithole of following the hacker gang’s name and finding a related exploit.

try to fuzz something like a text, it will help you for next steps

Type your comment> @foxlox said:

try to fuzz something like a text, it will help you for next steps

been fuzzing file types for a couple hours now :frowning:
What I thought could be helpful from the site was less than successful ?

Spoiler Removed

Spoiler Removed

Rooted at last. This machine was quite cool. A very nice mix of techniques. Congrats to the creators for it!

In case you need a nudge:

  1. Once you get into the correct place, be a hero and point all the guns at yourself. If you’re lucky enough you’ll catch the bullet mid-air.
  2. Pretty standard technique to go from user A to user B. Enumerate!
  3. For root, sometimes you don’t need a key to open a broken door. Just focus on the cracks.

@munra said:

  • Once you get into the correct place, be a hero and point all the guns at yourself. If you’re lucky enough you’ll catch the bullet mid-air.

What kind of hint is this ?

I rooted, but I don’t quite understand why what I did works. If someone can explain the c****o part to me, that wouuld be much appreciated.

Type your comment> @clubby789 said:

I rooted, but I don’t quite understand why what I did works. If someone can explain the c****o part to me, that wouuld be much appreciated.

Any hits ?

My enum game is weak on this one, only found the text and can’t bust anymore from the ‘clue’ :frowning:

Edit:
nvm being lazy

Type your comment> @fmwd said:

Type your comment> @clubby789 said:

I rooted, but I don’t quite understand why what I did works. If someone can explain the c****o part to me, that wouuld be much appreciated.

Any hits ?

Consider doing one of the easier boxes first. The box has only been up for 12 hours…

Is password from *.php rabbit hole?

Type your comment> @ls4cfk said:

Is password from *.php rabbit hole?

Try reading all php files you can. You must have seen something like Unauthorized

user: read notes, find location, signup and use text fields, bond something together to escalate
root: enumerate, routine check and get the right way, open you eyes, is there

root@forwardslash:~# ifconfig | fgrep 10. | awk ‘{print $2}’
10.10.10.183
root@forwardslash:~# id
uid=0(root) gid=0(root) groups=0(root)

foxlox

So far loving the “Please take care of our planet, we only have one.”

EDIT: And rooted. Really nice box but I fell into too much rabbit holes…
Thanks to InfoSecJack & chivato for this great box!

After you’ve rooted, please, undo everything you’ve done and clean up. Stop leaving the door open.

Any hint about crypto?

Type your comment> @ls4cfk said:

Any hint about crypto?

stuck on it