Official Agile Discussion

So far I got:

  1. LFI → source code → debug mode → console pin (didn’t work - rabbit hole?)
  2. LFI → environment variables → server config file → database password (how to use it?)

Is SQL injection a path worth exploring?

1 Like

Yeah, 1 isn’t working for me. And same for two, didn’t see how it can be used.
About SQL, one of the first comments was talking about an ordering thing, but I didn’t find how to make it work.

1 Like

It works. Just needs a little tweak. Try recreating the environment locally to print out the pieces.

It is used after initial foothold.

Stuck on reversing the *** for the c******. Would appreciate a DM.

I have tried quite a few combinations of public and private_bits and recreated the environment locally to verify I didn’t mess up. Not sure I have the correct public_bits or missing something else.

2 Likes

Can I PM you about the tweak?

Can someone help me with the foothold?

Rooted !

I struggled a bit on the foothold, but in fact it wasn’t that hard.

Try to recreate the app and to execute it, exactly how it’s executed on the target.
By adding some “debug print” to the core code, you’ll find what you need (do not trust the exploit posts 100%; they can have different configurations, etc.).

For the root part, by doing some research on the unusual things, you’ll find the path quickly.

Really fun one :)

I spent an awful lot of time trying to get the pin, but never went back to check why this didn’t work. Was this hardcoded?

If anyone wants help on initial foothold, DM me.

The pin works

I am pretty stuck on foothold. If someone could PM me with some tips, that would be awesome!

Stuck on pin exploit, any hints? Tried a lot of combinations but none are working. Is this a rabbit hole?

No, it’s working. Write me if you need more info.

Hi, I’m stuck, do you have a clue?

According to a post above it works, but I couldn’t get it to work despite being pretty sure I had all the right parameters. There is another way to get access that’s similar to the pin.

anybody else check my PIN generator script?

Edit: NM

Check pin variables

Machine ID. Try looking in init_.py. It has two parts.

Username - check with LFI

Module name. Reproduce source code on your sources, or guess with app.py

4 Likes

Thanks for the push.

1 Like

Can someone tell me how to enter the console panel or do I have to wait for the application to give me an error on its own?

Is anyone having problems connecting to this machine?