Official discussion thread for Breadcrumbs. Please do not post any spoilers or big hints.
Good luck guys
Nice box so far.
I found the vulnerability and read the password, but didn’t work with any user.
I think I need to re-enumerate again to find my way in.
Will resume tomorrow
Can I have a hint for foothold or a hint towards foot hold I used B… to view stuff and then went to the directory and found the …ks
This last step to root is really making me scratch my head. The rest of the box before this was so interesting and cool, but this last part sucks. Does anyone have a nudge? I see the “hint file” and I understand how everything is working, but I’m missing some piece that must be hinted at in this “hint file” but I’m not picking up on it.
Any hints?
EDIT: Wow. That was kinda dumb. But I got there in the end; too much overthinking and too deep down rabbit holes.
Some small nudges:
User: Evaluate the full functionality of the web application from top to bottom. Play with requests, see if you can get it to reveal some information it shouldn’t. Then use that information to evaluate the web server much more “completely”. Lots of steps on this one, so stay tenacious and make sure you understand everything that the server is doing!
Root: Again, many steps. Follow the “breadcrumbs” that have been left for you in obvious places. Gather creds, then find other services you couldn’t access before. There may be a “map” on your machine that will give you the path to some more credentials. Then this is the tricky part: just try a bunch of different “modes” and see what sticks.
DM me if you need nudges!
Good box up until the end… There are a couple rabbit holes here and there. If you find the breadcrumbs stick to it. Nothing really new that you haven’t seen before on other boxes.
EDIT: Got a shell, still no user flag… gonna try 'n automate the initial process because of the fragment I found on the server, already got a new user but still puzzled, don’t wanna go through each and any rabbit hole again with the new intel…
Fun box, thanks @helich0pper
Very nice box, i’ve only got user but this is a marathon so i’ll pause a bit here.
To me this is a very good OSCP/OSWE box, there’s nothing too crazy but it’s a very nice check of all the basics all chained together.
Type your comment> @lebutter said:
Very nice box, i’ve only got user but this is a marathon so i’ll pause a bit here.
To me this is a very good OSCP/OSWE box, there’s nothing too crazy but it’s a very nice check of all the basics all chained together.
Agreed & still puzzled how some guys & girls can do it in under 1h, wish I could learn that. Maybe in 10 years lol HAHA
i managed to get some creds using the vulnerability and the requests, but those creds didn’t work on the website, any hints?
Wow, in case there are others out there like me where the basic initial enumeration of one of the most common ports on almost all the boxes isn’t there, reset the box. Don’t be like me and spend hours and hours working on the wrong stuff. Just reset and try again. Also, if someone disabled that service once they rooted, just why? Thank you for wasting a day a half of my life lol… you win I guess.
Working on root now. I’m having a bad time with 1234. Rabbit hole?
Got User with 0 hints, it feels amazing. This is the best box ever hall-of-fame never take it down AAA+++
I may have found an unintended route to root
Hi everyone. I started this box 2 days ago and found user without hints which felt very good
I am now stuck onto root (I found same thing as @tacoLlama but can’t find anything on it) any hints on root ?
EDIT : found root. You just need to enumerate to correct files/folder
Has anyone been able to tackle the 1234 issue manually? there’s “forbidden” automation tools that can do it, but I am interested in how to do it manually
Rooted !
What a fantastic box, each step is pretty realistic. Thanks to @helich0pper for this one :).
PM if needed
Type your comment> @Meise said:
i managed to get some creds using the vulnerability and the requests, but those creds didn’t work on the website, any hints?
i found other files but still have no luck, if someone can pm me i would really appreciate that
Very fun box with basically no guessing needed, all the “Breadcrumbs” are there