Fulcrum Machine

hi guys .can someone help me with a hint. i lose the hope, it’s 4 days right now. if there is someone whose trying too to hack this box just text me and we gonna try together to hack this machine .

Try Harder

@Magavolt said:
Try Harder

thanks Magavolt.
but i keep trying . but i need a hint.

@Ju577Ry It’s our hardest box so far. And for a reason.

@eks said:
@Ju577Ry It’s our hardest box so far. And for a reason.

emmmm okey

h guys, fulcrum so hard need some hint with upload form

Fulcrum appears to have WebSockets with JSON but that’s as far as i have gotten.

hi any hints for entry point

Falcrum top notch and difficult as ■■■■, without spoiling anything for the ones that solved the box and care to pm me about something regarding getting further connection into the LDAP may pm me. Also if anyone is struggling iam willing to help also for the entry point or even cooperate in order to solve this pretty of a ■■■■ box.

I started this box last night, enumeration and was able to get my feet with a revshell, then got super confused on some paths to take and went to bed. Hopefully after work and dinner I can focus and advance on this until 6-8am. When I finish (hopefully lol) I can help people with tips.

Totally stumped on initial foothold :S … Fulcrum is going away in 2 days. Can someone just say, yay or nay on PHP File Upload is how you get initial foothold? Does it also involve LFI on the main page of that same service? either one? both together?

I have root but I cannot find any flag. What I missed?