Finally got the root, I wasted so much time on root just cause I didn’t use sudo, It was fun though.Thanks to everyone who helped me out.PM me if you’re stuck!
Type your comment> @CRYPT0HEX said:
Guys need help with user?
Yes 
I don’t know. How i upload my Reverse Shell. I have a Idea how to do it. But how i do it? xD
Someone can give me a hind?
need help with root stuck for days on getting root or user. I got shell np. PM me for some help and advice.
Got root but don’t get why it worked could someone PM?
I get that the file gets executed but don’t get why what’s in the var gets executed.
Also PM if you need a nudge
Type your comment> @Dialect said:
Got root but don’t get why it worked could someone PM?
I get that the file gets executed but don’t get why what’s in the var gets executed.
Also PM if you need a nudge
Got root too, but baffled like you. To me, there is nothing about the fuzzing I did that should have given me a root shell. I’d be grateful for any PMed insight on this front.
Thx a lot for this box
Simple and funny. Really enjoyed
user: enumerate fast on web port. research about magic bytes in file formats that you need. Read and enumerate home folder of user
root: Try to get some elevate basic, read the filter in the scripts, try try try
wwwhhhyyyyyy does my user shell keep connecting and insta-dropping?
about shell when you upload the thing attempt to make it run I get connection errors I don’t know why
Type your comment> @ShellLock said:
I don’t know. How i upload my Reverse Shell. I have a Idea how to do it. But how i do it? xD
Someone can give me a hind?
PM Me
After lots of brainstrom i’ll be able to get root. it took me 4 days to get root. PM are welcome for hint.
[root@networked ~]# id ; hostname ; date
id ; hostname ; date
uid=0(root) gid=0(root) groups=0(root)
networked.htb
Mon Sep 9 11:29:10 CEST 2019
[root@networked ~]#
I think we are supposed to use exiftool for uploading the image?
@tripster98 said:
I think we are supposed to use exiftool for uploading the image?
I recommend you and everyone stuck on the initial shell to keep it simple. There is a very trivial procedure to inject a payload into an image file and it works on this machine. Also, to be on the safe side, consider using one of the images which are already uploaded to the gallery by localhost to avoid eventual size and format restrictions.
Definitely was a fun and straightforward box. PM if you need help!
Type your comment
okay so i just reset the box and the u****** dir now just says “.” even when i successfully uploaded my payload
Do you need to escalate to the home/user to get to root?
/e: Done. What a brainfuck.
Can someone help connect some dots between the two files in the user home directory, the locations in the source code and the t***h command? I get the hint that you have to add something to a specific location but all files and locations have read only access. Nudge please!?
Updates:
User: there’s definitely more than one way to leverage the exploit found in the source code of that special file. Even if you can manually run the file, you must wait for it to run itself otherwise your code won’t take advantage of the exploit.
Root: TBD
got it . PM me if you need help or a hint.
How to do this root? I cant think a way to do this privesc properly