i’m now logged in ssl mode .
any Hint for the next steps to get out .
hi all…i have read all the posts here…helps me a lot to get to a point…but now i m stuck on the absolute path(Lfi) to rce …try many things but no luck…Pm for some extra help…
hi, someone that I help me with dns enumeration, I am beginner
A little lost at where to begin - a nudge would be great - or a full on aggressive hint would be appreciated too through DM.
First I thought I should attack via SMB, but now I’m thinking SSH might be the correct vector.
I’m completely lost at the moment. Help please!!
Thanks @limbernie on page 6. I did my “enum” again, on South American dance techniques 
& saw the clue I needed desperately.
Rooted. Thanks @IgorLB , @cyberus , @goetia for hints.
It was interesting journey. Special thanks to machine maker @askar
Can someone please help me with the LFI part? I have tried many things with the parameters even using the third one as well and getting nothing…
Anyone any hint for the right path (LFI)?
Edited: rooted
user was easier than it seemed
root very easy
Nice box, got root! Fun and instructive one, some good tips and techniques.
I’m stuck in the beginning trying to enumerate the domain. I am 100% certain i have the domain right and dig and nslookup is making me believe that this is right, and dirbuster finds directories on this domain, but when i try to access it i get nothing. adding a dns to my machine hasnt helped either. I’m starting to think im going down a rabbit hole. Can anyone give any help/insight?
This is frustrating! I have tried everything on that LFI, know that have to call the file uploaded to Brazilian dance but don’t know how! Any hints would be appreciated 
I know that absolute paths are needed but this is not giving me anything!
I tried fuzzing the param names, PHP wrappers, relative path, absolute path, encoding, null byte in filenames for the f4ck sake!
EDIT: Got user, but don’t like the way…
Root was the easiest ever!
Type your comment> @haqpl said:
This is frustrating! I have tried everything on that LFI, know that have to call the file uploaded to Brazilian dance but don’t know how! Any hints would be appreciated
I tried fuzzing the param names, PHP wrappers, relative path, encoding, null byte in filenames for the f4ck sake!
Check your inbox…
Guyz how did you managed to know absolute path for upload dir ? pm me any help would be good
Need help with absolute path for LFI. SMB enumeration only give e**/Fil**, but no success. Any clue?
EDIT: Got user and root. Almost not guesswork. If you need hint, pm me.
who can DM a Hint to dance as a brazilian . i’m stuck at this point . no user no root.
Pretty cool machine. Getting the low priv shell is kinda tricky but thanks to @ghost0437 I was able to get the haha page and call my shell.
User: As you’ve seen in this forum, it’s all about zones. Once you get to this step you’ll have to climb another level to get to the haha page. Make sure you enumerate the brazilian dance to see what can you do (this step will be useful later). Also make sure you enumerate port 443 and you’ll have to edit some files on your end so you can see. Once you’re in the haha page follow the instructions on the screen and call your shell by using the absolute path
Root: g0tm1lk’s guide will point you to the magic file. Once you identify that enumerate what’s running in the system. I used this awesome tool GitHub - DominicBreuker/pspy: Monitor linux processes without root permissions Once you identify the process you should know what’s next to get root.
When i try to access the domain i get a totally different page than what other people i know get, who are working on the same box. I am using Parrot OS and I get a page that looks like this Screenshot by Lightshot ( first line blacked out to save from spoilers ). Has anyone else had this issue, or know how to help me figure out whats going wrong?
Got Root. Pretty good box.
Did anyone get Root another way other than following the snake? I think there is another way (s**********n) but can’t get it to work. Would like to discuss if you got Root with this method.
Also feel free to PM me if you need hints.
I’ve managed to perform the z***.t****** and found 4 new subdomains. I’ve found a****.fr********.r** and logged in with the a***** user and password found during the Brazilian dance. I’ve updated my h**** file. I’ve been stuck at the “Admin page is not developed yet !!! check for another one” page for days now. Any tips?
Can someone help me enumerate port 53?