The password is in a File? Or is it a sign?
Great simple box. Can be a little unstable at times but decent flow between steps, there are probably no hints I could give that haven’t already been given but happy to help people through DMs.
Type your comment> @daniel2005d said:
The password is in a File? Or is it a sign?
The password is in a file. Finding the right file is the difficulty. Google for people complaining about credential storage and hopefully you find the right one 
For those who are struggling with confi****** files . May be youa re looking in to wrong files…
use -la in f**
Aloha,
I couldn’t get connection again to that box via ftp service even I try to do a ping but host is unreachable, I just can see the weblogin.
I don’t know if this is due to many restarting or many people attacking. 
■■■!! finally got my 1st root.txt. Over think it.
I didnt use RCE though.
Tips for Root:
I re-created the psh script on my local machine. by playing with it, i understood how it works and trial error using various psh cmdlets. Good box.
PM for tips. cheers!
After a lot of researching (noob here) I was able to get the root flag but… Is it possible to get a shell? If someone knows please PM me 
I need some help finding the site credentials. I’ve looked through the c************ and t**d files. I would appreciate a little push.
Greetings. I feel that I’m at the cusp of obtaining root, but might need a little help.
I was able to find credentials and research a potential exploit. I’ve played around with a particular parameter field and triggering it, but it seems that upon trying to use a particular Impacket program to verify said executed parameter, I’m getting a failed authentication message.
Any assumptions or syntax that I should be checking?
Hi, I think I’m close to finding the password for the website but an not sure what to do next. PM’s would be welcome!
looking for help I initially found the c*********** file but dont see any clear txt passwords i believe i found encrypted ones tho but im having trouble decrypting them also i keep seeing people say a .old file is there but cant find that one either. looking for clarity.
TIA
shout out to @Nightbane as well as @sckull for the help!
removed by user
@gilf0yle said:
User was too easy, Root was really fun, I’ve learned a lot. Thank you @mrb3n for the machine and thank you @54pp0r0 for helping me on the reverse shell syntaxPS, reverse shell is not needed to get root.txt but if you insist, try switching all the " to '.
Edit: if you need help, feel free to contact me
Thanks for the tip.
Rooted finally.
Hmm… have done machines that are harder. I think I’m missing something. I have creds, I
can login… but stuck on rooting. Found the blogpost, but even ping wont give me results in tcpdump. Maybe someone wants to assist ?
EDIT: Rooted.
As long as there are brainless chickens that are keep changing the login pass, there will be more people struggling with this machine. I already did this got both user and root and I based my research reading all on this thread + a couple of articles on the web. You don’t need more that that. @mrb3n thanks for the machine!
Very easy machine… I enjoyed ??
Ohh Finally Rooted! After ■■■■ lot of resets and trials…
Feel Free to pm me for any queries…
Just got root.
User was trivial and I didn’t really like priv esc.
PM for hits if you get stuck
@MALVO said:
rooted. little hint: once you get RCE if you follow the poc to the T you will then have something else you can use with another infamous exploit. nice to know that exploit works on that OS version 2
Well done mate, nifty resource.
got the user easily.
However, I am having difficulty of getting root.
I found that username and paintext password from file named ‘P*** ************.o.**k’ for accessing the portal. However, the password seems incorrect even if I reset the machine.
Could you please provide some help. Thank you so much!