Is admin access useless or am I missing something?
I forgot I was www
You can get a shell from SQLi…???
For me, becoming the root is a piece of cake, but I struggle a bit to become a user.
I found two ways to become the root, but I don’t know which one is the intended one.
I am www-data. How do I get past the binary? I decompiled it in IDA but nothing seems interesting.
Man, I don’t know how you bypassed the q**** function, but if you are ever open to providing a hint I would be happy to hear it. I have been banging my head on this one.
Anybody around for a nudge on foothold? found many vulns which seem to be rabbit holes and I’m stuck big time!
Nice box. I love CTF-like machines :)
Did something change, again, recently? When I attempt to log in after changing it to an admin role none of the pages work anymore. It just constantly reloads the same pages. I was able to replicate this several times.
I had the same error.
It was due to my setup. I play using a docker container from which I connect to the VPN.
I had to run my container in --privileged mode to make it work. I think the correct way would have been to set the correct cap. But I didn’t want to lose time.
Hope it will help you folks
Hello my friends
Can I ask somebody for a nudge for user? I have a shell www-data on the machine but I don’t know what to do now.
Is anyone aware if there’s an issue with this box? I’m at the administration page but it’s blank?
Same here. I was expecting at least for the user I created to show the clicks… but it is blank. I restarted 2 times and redid my way to admin also 2 times, before and after resetting. Same result.
[update] LOL I left to have dinner, left it on, came back 1 hour later, did a reload for the heck of it and now it shows 4 users their clicks and such and a new export option that changes everything… this box is super buggy
I’m stuck at a step where I’m getting an error: “Load key ‘id_rsa’: error in libcrypto.” Can anyone please help me with this?
Can anyone give me a hint about getting admin access? I’m out of ideas for now. I’ve tried bypassing the token hash in diagnostic.php with type juggling unsuccessfully. I’ve tried SQL injecting “role=Admin” in with the “nickname” parameter (like “&nickname=test,role=Admin”) to bypass the filter in save_game.php unsuccessfully. I feel like I’m missing something simple here since no one else seems to be having trouble with the admin part.
EDIT: never mind. Figured out the trick.
I couldn’t help tuning it…
rooted in the intended way
I’m not able to become Admin. I know that I must bypass a ‘security’ check in save_game.php file. Any help?
I’m stuck at the same point, can you give me a hint?