Mango

joelblack · November 8, 2019, 1:03pm

Rooted.Thx! Nice Box

N7E · November 8, 2019, 4:23pm

Rooted finally took me a few hours for initial shell but the rest was a walk in the park. Enum well, however dirb did not help me , keep it simple after initial shell , burp your way to these flags like a mongo

Quacktop · November 8, 2019, 7:26pm

@MrR3boot Thanks again. Initial foothold and user was most work, luckily the “mango” has default features for enum. Root was an interesting new tool.

Hilbert · November 8, 2019, 11:16pm

@MrR3boot This was the most fun box I’ve done so far. I learned quite a bit! Big thanks to @sudneo for some key help

user: If you’ve got creds but are frustrated because you aren’t the user you want to be, there is more than one way to login as a user

root: I suck at privesc, so if I can get it you can. Read the posts in this thread, the path has been given multiple times

PM if you need a nudge

JadeWolf · November 9, 2019, 7:59am

@MrR3boot thank you - the headaches have stopped after smacking my head of the desk! Thanks to everyone that give nudges, lesson learned remember the basics.

So Root Dance!

MrR3boot · November 9, 2019, 8:07am

@JadeWolf, @Hilbert, @Quacktop

https://media1.tenor.com/images/333f32653e9990db138bfc4e7714d5c2/tenor.gif(image larger than 100 MB)

D3Fix · November 9, 2019, 3:11pm

still stuck at the login page, few suggestions are appreciated

cha63 · November 9, 2019, 7:33pm

For anybody having trouble finding out whats running behind the curtain: after the new way has opened up for you, return to basic enumeration, there is something to be found if you follow the path.

For the next step, Listen closely to the responses you get, it’s not as blind as you may think it is. There are a few articles out there outlining the process.

Regarding root, looked up gtfobins for the thing I thought I found, unfortunately it didn’t work. Would be glad about any pointers ! Thanks

mosaaed · November 9, 2019, 10:20pm

more nudge please I got HTTP/1.1 302 Found

Pir4t3 · November 9, 2019, 11:02pm

I had fun with this box. I went down a hole and missed the obvious with root. Once I noticed the correct path it was a matter of minutes. PM for nudges.

cha63 · November 10, 2019, 12:37am

Managed to get the Root Flag. Great box!

And thanks again for the nudge @Pir4t3

blup · November 10, 2019, 7:09am

Got user yesterday and finally pwnt root this morning.
Getting user was a lot of fun.

Loved this box!

D3Fix · November 11, 2019, 2:45pm

Stop bashing this machine please, not fun anymore. This box keeps come online and within 1 minute it’s unavailable again

pr0mming · November 11, 2019, 5:41pm

It is an interesting machine, when people say that Mango is a words game, it really is, but don’t try to break your head trying brute force with combinations of this word or similar things, I did it was discouraging.

The escalation is very easy, there is a very clear hint in the folder of the second user

Thanks @Twypsy @MrR3boot

D3Fix · November 11, 2019, 8:40pm

@MrR3boot is there a kind of request limiter on the box?

D3Fix · November 11, 2019, 9:23pm

Finally got logged in shell as user m**** with good help of @hlyblyhakr

Tomorrow hoping for a little more progress to own user…

The connection of this box is really wors though, keep dropping connection or is it just me?

NanoCyberSec · November 11, 2019, 11:38pm

Spoiler Removed

HumanFlyBzzzz · November 12, 2019, 12:07pm

W00t w00t !

Thanks @JadeWolf for assisting me with the re**x syntax ive been losing my ■■■■ over that one
Oh and I LOVED the box @MrR3boot , learned a ton here, cant think of a higher praise

MrR3boot · November 12, 2019, 1:30pm

@D3Fix said:
@MrR3boot is there a kind of request limiter on the box?

Nope.

MrR3boot · November 12, 2019, 1:30pm

@HumanFlyBzzzz said:
W00t w00t !

Thanks @JadeWolf for assisting me with the re**x syntax ive been losing my ■■■■ over that one
Oh and I LOVED the box @MrR3boot , learned a ton here, cant think of a higher praise

Me too