Hint for Waldo

Finally got root thanks to this forum and to @buckeye1234 for all the advice.

If anybody was able to get root shell, will you PM me please, with a friendly nudge?

This is my second box, and I could use a nudge.
I should be able to read files, and I’m getting a 200 response but there is no data returned.
f***=**** doesn’t seem to work as it looks like it should. I’m getting the same response to a blank request.
Any help?

Edit: Nevermind, I had made a simple error.

I’m having some trouble reading the user.txt
I suspect it can’t be read with current permissions. I’m fairly sure I need to use m****** file to go on. I’ve removed the bad chars and changed permissions to 600 but I’m not being granted access. Denied (pub)

A little help please?

@ananpier85 said:
I’m having some trouble reading the user.txt
I suspect it can’t be read with current permissions. I’m fairly sure I need to use m****** file to go on. I’ve removed the bad chars and changed permissions to 600 but I’m not being granted access. Denied (pub)

A little help please?

I used a decoding online service for that format type and logged in worked for me. Hope it help :wink:

@ananpier85 said:
I’m having some trouble reading the user.txt
I suspect it can’t be read with current permissions. I’m fairly sure I need to use m****** file to go on. I’ve removed the bad chars and changed permissions to 600 but I’m not being granted access. Denied (pub)

A little help please?

Maybe you are not the right user?

@fasetto said:
Maybe you are not the right user?

It should not have taken me so long to realize that, thanks.
Now on to root!

fairly unobvious way to root. anyway, flag is mine \m/
pm me, if you need a hint.

Can anyone help me out with waldo machine? Please PM me for the hints for gain normal user access. Thanks.

@johnybaba said:
Can anyone help me out with waldo machine? Please PM me for the hints for gain normal user access. Thanks.

Check how list works.

@LordRNA said:

@johnybaba said:
Can anyone help me out with waldo machine? Please PM me for the hints for gain normal user access. Thanks.

Check how list works.

While adding a new list, we can add some data. But whatever I am storing, in burp response it shows there but in the browser it shows nothing.

Holy cow. Finally got the user and root flag. Shoutout to @ZaphodBB for the hints that got me through the small hurdle. As a Linux user for years, there’s always something new to learn as this box revealed. What a ride!

@r0pSteev said:
hava a look at this website https://tipstrickshack.blogspot.com/2013/02/how-to-bypassing-filter-to-traversal_8831.html

great post here.

Could anyone PM me for root ? I’m currently logged in as m*****r . Found interesting files in ap*-**v directory. Cannot figure out a way to root.

Hi, I got user. But I can’t work out how to escape the rterm, logged in as n****y

Okay, I got out of that restriction, and into another, and out of that, but now I’m reaaaaaly stuck

this should come in handy for anyone needing to remove newline and escape characters in a file they might hypothetically find somewhere:

cat dirty_file | sed 's/\\n/\n/g' | sed 's/\\//g' > clean_file

@s1k said:
this should come in handy for anyone needing to remove newline and escape characters in a file they might hypothetically find somewhere:

cat dirty_file | sed 's/\\n/\n/g' | sed 's/\\//g' > clean_file

nice little action there, had to do it manually.

oh shit!

I keep getting this when trying to use the file that has extra hacker capabilities…

*pts/0���[�
pts/0ts/0monitor127.0.0.1���[C�$

when I have @#$@_read_search I don’t understand why I can’t read what i’m trying to read…

@drUIdmoz said:
oh shit!

I keep getting this when trying to use the file that has extra hacker capabilities…

*pts/0���[�
pts/0ts/0monitor127.0.0.1���[C�$

when I have @#$@_read_search I don’t understand why I can’t read what i’m trying to read…

I am getting it too don’t worry I think we just need to try harder.