ForwardSlash

@fr0ster said:

I’ve just rooted this box. It’s a very interesting experience.
And I want to say thanks to @InfoSecJack & @chivato for the box.
And thanks to @PrivacyMonk3y for putting my separated knowledge about XXE together and for his very valuable tips :slight_smile:

:wink: congrats and no worries

@SohaibSEG said:

Been trying to escalate from “C” to “P” the whole day
can’t find a way
please PM me if you can help

EDIT : DONE
Banged successfully
Honestly, I really don’t know how my brute-force script worked lol

Just finished with this machine. It was an easy one, you need to pay attention to what you have learned…

PM for help.

@lebutter said:

I have never noticed, but looping through each line of rockyou in Python gives me issues. I have to ignore several entries, it cannot properly decode some lines…

Force conversion to UTF8 and it should work!

Yeah! I liked this new e********* t*** a lot! It was as cute as it could be!
Now I can finally do mental math in Hexadecimal.
Thank you @InfoSecJack and @chivato for this amazing learning experience.

I don’t know where else to look. I got some creds in the c*****.**p file, I would appreciate some help, smh

This box was a struggle from start to finish for some reason - my brain took a vacation. But with some patient no-spoiler help I got there and went back to figure out why it was difficult. Learned some good lessons, or rather re-learned them. Glad that one is over with.

Hey guys, any nudge with the X** API T****? Unable to change my picture… Can’t get through the 403…

Rooted! I’ve learnt many things with this box!

For user:

  • When ready to exploit the interesting binary, remove any traces.

I spent several hours wondering why I didn’t see my expected output…

Have been on the discovery part for hours but can’t find any directories. Am I missing out on anything like vhost (I’m already at forwardslash.htb)?

A nudge would be helpful.

@hawksvision said:
i missing out anything like vhost (i’m already at forwardslash.htb)

a nudge would be helpful

Have you explored that path?

@nicoswd said:

@hawksvision said:
i missing out anything like vhost (i’m already at forwardslash.htb)

a nudge would be helpful

Have you explored that path?

Do you mean vhost, bro?

@hawksvision said:

@nicoswd said:

@hawksvision said:
i missing out anything like vhost (i’m already at forwardslash.htb)

a nudge would be helpful

Have you explored that path?

do you mean vhost bro

Thank you, bro

Spoiler Removed

@hasky said:

Need help,

I found LFI and get the c*****.php MySQL password of www-data and get a**.php, but I don’t know how to use that password…

Should I get more files from the server or enumerate further…
It is my first hard machine…

Thanks

Edit: rooted :slight_smile: thanks for helping me @zard and others for nudge PM

Stuck at the same point. Got a little further and can get the x*l submit page but don’t know how to get through this

I think I’m just a little bit behind @hawksvision and @hasky re: the initial foothold…

I’ve found the site where it’s possible to force a file upload, but any PHP code that I upload there never runs. It prints HTML fine, but completely ignores any PHP.

How do I force my uploaded PHP code to be run properly please??

EDIT: Thanks everyone, got SSH access now. Battling with the next stage now…

Hello everyone, I can S** into the machine as c***, now I am figuring out a way to switch to another user. I noticed the b***** file but it doesn’t work as I expected.

Any nudge? PM me pls.

Rooted. Thanks marlasthemage

PM me if you need help.

Finally rooted, pfiouh!

PM me if you need some help :slight_smile:

Hello, I’m stuck trying to use the LFI… I would appreciate it if anyone can private message me and point me to where I can read about typical paths and files I should enumerate.

Thanks in advance!

Edited: I was enumerating the correct files but not in the correct way :smile:

For those stuck in the LFI, check the obvious files but note that filters have to be applied to get to the source of the problem.