Type your comment> @deviate said:
@SilkySparrow said:
Im stuck on the /asdiS********* code, i decoded it and it gave me a bunch of random characters and index.php twic ,i read it is something with magic numbers but i dont figure out what to do nextif you decode it and save the output to a file, what type of file is it?
I know what kind of file it is, but i can’t get it to open in the file manager for that type of file. any tips?
This box totally sucks apart from its priv esc which I learned a lot from. PM me for nudges if you get stuck, although everything you need is already in this thread.
Type your comment> @sillydaddy said:
Type your comment> @sentry said:
got user, but root is going to be tough since r** is not helping me much.
Can i get a nudge please?
ippsec October
Got it , Thanks
Cracked the …? … Need help with second code, tried everything but no luck, someone please help
Type your comment> @SilentMe said:
Cracked the …? … Need help with second code, tried everything but no luck, someone please help
Its the encoding we always crack but its not in text when you crack it… just check how we decode “that specific” string to a file, maybe?
Thanks that was helpful
I’m struggling with pl****s admin page. I can’t use any non-MSF exploit. How can I get a RCE from there? Can someone PM me please?
Despite a reset, it seems pl****s service is down
now it’s up
Hi , i find the idk**** passowrd but i can’t find the webpage that i can login , any help???
Type your comment> @wail99 said:
Hi , i find the idk**** passowrd but i can’t find the webpage that i can login , any help???
bust the dirs and subdirs…
Hi all, I have used our orange friends language and decoded the trinary gobbledy gook from which I got nothing to understand except that part was decoded correctly. Building on that base with my favourite chef got me a bakers dozen bytes which won’t expand. Is that bakers dozen due to a lack of yeast? Do I have the wrong recipe? If you can understand me then perhaps you can help me with the right recipe. Much appreciated.
Edit: @clmtn Gave me a good ingredient to try. Managed to continue on cooking. Respect given.
Hi Guys,
Need a little nudge in escalation. So I am not very good with bf… however taking some hints from folks here… I have copied the rp file and tried to exploit in my machine. I am able to get syem add and sh*ll address. Using these two I am able to escalated privileges in my Ubuntu box… however when I am trying this on target box… it gives s******on err*r.
Please let me know if I can pm anyone…
Appreciate your help.
Nevermind! rooted it! good machine to learn new stuff 
Got user flag now looking to escalate out of www. I am pretty sure I found a binary target . I have an idea on what I think I need to do but never really done it before. Could someone please DM with some help/advice?
Type your comment> @kekra said:
@l30n said:
Yeah someone told me you can do everything on the machine as a www-data user? Can anyone verify that?Yes - no escalation to another user required for rooting the box!
To everybody struggling with priv esc: I’d recommend again to search for videos on retired boxes that required the same type of BOF - and to practice with one of these boxes if you are VIP.
For me, those videos were the best and fairly self-contained ‘step-by-step’ tutorials for that method. If you rooted one of the old boxes, you should be able to use your old exploit script as a template!
Any recomendations of speciai machines/videos to learn ? Thanks a lot
got the idk password and dirbusting the dirs and subdirs the hole day. Can someone give me please a hint about the location where I can use this?. Thanks
Im on the stage of getting root shell but cannot find the /bin/sh address. I have tried a script and other things but cannot get it. “Somebody! anybody! Help me!!” …please. Thanks
can someone help me with the second one decodation?
PM me please!!
This was my first machine ever, spent literally 15+ days to get the user and root.
Had to go through hundreds of docs, scripts & videos
Special thanks to ippsec, clmtn & mendedsiren63