Official Appsanity Discussion

Official discussion thread for Appsanity. Please do not post any spoilers or big hints.

Another Windows box. hmmm this one has name combination of words app an sanity. This implies this box gonna require to become an expert of app useage. And the man at logo of the box looks like a man who became insane to the point that he lost part of his hair :sweat_smile: Good luck everyone.


This is gonna be fun

I liked the avatar :stuck_out_tongue_winking_eye:


its a good picture of what most of us are going to look like after this box.


So far this box isn’t too bad. Good luck everyone!


Ok, so I got user, but I am still confused as to one of the steps. I used port 8080 just out of sheer frustration with nothing else working. Still have no idea why this works…will need to dig into it now I have a shell but if anyone else knows, please DM.

Tips for user: Do your recon - nothing special is required beyond the ordinary (dir and vhost). Be sure to intercept everything, and look for what you can control. Then, see what changes when you play.
Once you are on the app, it is going to be much more playing with functionality. Where can you point links? How is the input/files being filtered? Test it all out and it should be fairly straightforward. Any more detailed hints or specific questions, welcome to DM.


For ppl who have user, does regular msfvenom generated reverse shell work for you? I’m not sure if my shell is not working or whether I’m calling it wrong.

It doesn’t!!! I wasted about 3 whole fucking hours trying to get a shell with it. Google should provide you one that works.

yes works

People gonna have to visit their office :sweat_smile:

I’m a bit stuck at getting system on this machine, I think I have the vector, but I’m not sure how to exploit it. Could I pick somebody’s brain over DMs please?

I dunno about prescriptions, but I’ll pour the shots for anyone needing one after all of the digging required to get to admin.


1 Like

Any hint from de*doc? :face_holding_back_tears:

Okay I sent that aspx bomb to the management what now :melting_face:


Hello I search informations for second flag I am on the user shell but I don’t know to find

I am getting no where fast on this one… can anyone help me with foothold?

1 Like

If anyone can give me a nudge on root i would appreciate it thankyou!

Hello !! Can someone give me a nudge on how to access the modified rev shell after uploading it. Thanks!!

Need help for Uploads D** file to get Administrator :3