Networked

Tips-
Foothold: Double file ext, magic bytes.
User: Touch and escape.
Root: reggy.

@0rbit4L said:

ok so I tried doing this on my own…it’s been days, so I have to ask…on root, in ch*****.s* I’ve been trying input after input…and nothing happens, so what am I supposed to be on the lookout for? how do I know if what I’m inputting is correct or not…I’m almost there a tiny little nudge and I’m cliff diving…who’s gonna nudge me off :slight_smile:

@new2hackin said:
Need a nudge for user… I can see the c…a…php, and the c…g… files so I understand the element of time. I know I need to touch in the path but how do I use “:” (<-his cousin) and where do I use it? PMs would be greatly appreciated

How can you escape
Check who runs what files
Use their power to give yourself power
You’re both on the right track
Keep up the good work :slight_smile:

Can someone please give me some tips on root? Already found ch…n… script, which looks promising but I have no idea how to exploit it. I either get wrong input error or an echo of my input but nothing useful…

EDIT:

Nvm, got it.
Hint: It almost does not matter what you use as input as long as it has the magic words in it.

finally got root. Can someone message me why this works?

finally cliff diving thanks to @letMel00kDeepr nice work dude :wink:

Hint: for me after with respect to the input…, aside from being nudged, it is the first thing you would think to do, and after spending days on it, it ends up being the last thing you do, and it doesn’t make sense because fuzzing rarely does

Thank you for your help with user @Orbit4L
@LifeEncrypter said:

finally got root. Can someone message me why this works?

I too would like to know the technical details as to how. I have an idea but fuzzy on it.

G’day all again,

I’m getting into a rhythm of rooting boxes and as always the forum is a source of great inspiration and I always like to give back.

Just to note for this box I’m on a private server so I didn’t get any spoilers but a big shout out to @letMel00kDeepr, @LastC0de and @Apr4h for nudges on the USER portion.

INITIAL FOOTHOLD: This is pretty straightforward, think double ext and magic bytes. I picked this up from an IPPSEC video (although I can’t remember which one).

USER: The hints in here are TOUCH and you’ll need a special character ‘;’. Figure out where this needs to go and be patient. If you’re on the free server you’ll probs get this straight away.

ROOT: Basic privesc will lead you and then read code again.

If you need help PM me.

solved this one - had a facepalm moment.

Initial - basic bypass, done so many times

User: if you have seen Bill and Ted, there is a famous figure they pick up, tool I used sounds similar to his name, (missing r and e)
mv command can be your friend when creating the file.

Root: do your basic checks what the user can do, read script, do some homework on the command run and the entries it uses. Enter the command and you’re in.

Rooted, PM for hints.
Thanks @guly for teaching some basics

Got root :slight_smile:

user: time led me to doubt my approach… be patient
root was fun. read the script carefully then think…

Stuck on User… I got a basic shell fairly easy and have been going through my standard enumeration process. I am fairly unfamiliar with PHP and have been trying to read through documentation to gain an understanding. My question is, am I overthinking it? How much PHP knowledge is required to gain User access? If someone would PM me a little nudge it would be much appreciated!

Not sure how to get escalation after I get my shell. I’ve read _.php but I’m not sure what I need to do with it. Any nudges would be appreciated.

Rooted. Interesting and fun box, learned something new.
PM me how far you’ve got for a nudge.

Should chn*.sh file be setuid? Because it’s not doing anything useful otherwise?

unless I’m the wrong user…

Pretty cool box, was having a frustrating time with it before using nc flags though.

Feel free to PM for hints.

Rooted! If anyone needs help on this machine, feel free to PM me for hints.

R000TT ■■■■ ya! Good box!!! Good times!!!

Can anyone help me with getting user? I’ve got a shell and can see the php file in home/g***. I’ve cat it but have no idea what I’m supposed to do with it?

I’ve been stuck for days. Still trying to upload my shell. I know what to do but despite the fact that the upload is successful, the gallery is empty. What do I miss? Can someone PM me to put me on the right track please?

Could someone PM me about initial foothold? I know what I need to do but have never played around with this so unsure how to get it to pull off my server for upload.