Official Bucket Discussion

Owned user

Thanks @Anders7ll

I can upload some file, but the PHP trojan can’t be executed

ROOTED!
Really enjoyed this machine, both user and root were fun
Took me way too long to get it right on root

Thanks to @r4vanan for the help with getting root!

Hi.
I'm also here looking for answers. I found how to delete files and how to upload my own.
But after that the world stopped and I'm at a dead end. No idea how to get a shell, give me a hint)

Rooted! Was an interesting and realistic box where I had to learn some new stuff. Much appreciated!

User:

  1. Be fast to run your payload. Autocleaning is pretty fast here.
  2. Make sure you try to append “/” in your dirbuster findings.

Root(Difficult):

  1. Check again what services are running.
  2. Something might be incomplete, but should be enough to do the job.

PM for hints, and to the others, thank you for guiding and helping :blush:

@kurogai said:

Can anyone help me? I got stuck at A** CLI, already found creds but they didn’t work.

I am in the same situation mmh

@NFire0111111 said:

@kurogai said:

Can anyone help me? I got stuck at A** CLI, already found creds but they didn’t work.

I am in the same situation mmh

No creds needed. Maybe there is a parameter or switch that can be useful?

I’m stuck on root for this one :expressionless:

Thanks to @MrR3boot for this very nice machine; I learnt something new today.

No additional hints from me at this point as this discussion already has enough :wink:

If you need more/specific hints send me a DM with what you did/found so far and I’ll be glad to help you.

Failed to parse: http://169.254.169.254/latest/api/token

Any nudge plz? Nothing I could find in help.

This was a very cool machine! Enjoyed it a lot.

@mikado said:

@NFire0111111 said:

@kurogai said:

Can anyone help me? I got stuck at A** CLI, already found creds but they didn’t work.

I am in the same situation mmh

No creds needed. Maybe there is a parameter or switch that can be useful?

Yeah, I found it. Now I am able to m*, c*, l* etc., but I am not able to retrieve a R** mmh

This machine should be called Forward Slash Revenge

Anyone have a nudge on how to “link” the main domain with the ad****** bu****, to access the files I upload to the bu**** from the main website? Kinda lost in all those a** commands

Rooted!

Very interesting box, both user and root were pretty tough and required documentation.
Root part is obvious but not that easy to implement.

PM if needed :slight_smile:

I’ve spent quite a few hours on foothold, but now I’m stuck. I can execute arbitrary Jxxxxxxxxx code on the main page, but I don’t see how that could give me a webshell. I also tried to load P** files, but the server doesn’t seem to execute them. Would anyone be willing to DM me and give me a hint on how to proceed?

Edit: NVM. I’m an idiot.

Can anybody confirm about the creds? I have foothold already and I believe creds are important to jump on R**, but I am unable to find the creds anywhere.

Any nudge?
Thanks in advance.

Rooted, happy to help with detailed advice or cryptic hints if you PM me!

Done. Great machine, learnt a lot.
Thx again to @LMAY75 and also to @beorn for nudges.
My hints:
foothold: enumerate, don’t forget slashes around, read docs and reload, reload, reload
user: you should have already found what you need.
root: it’s a hard job, so enum, read the docs, read the docs, read the docs… then again, read the docs and, if you cannot find what you know is necessary, be creative…