sometimes you dont need reverse shells
btw… the box is very straight forward and so ez…
@kavigihan nice work man… 
Rooted
Machine very easy but not bad for beginners.
User: i mean search stuff and try them
privesc: search for stuff and do what u know with them
root: study how the language works and how u can leverage after u solved the first problem
Pwned!
Since the machine is still recent, I won’t write tips here. But feel free to PM for help.
4 Likes
It’s so simple but you should search for it.
User: a secret is hidden somewhere.
Root: a digit will work but don’t forget to track.
A ■■■■ good box for beginners
1 Like
Base64 encode your payload first, then use this as your payload:
echo ‘<base64_encoded_shell>’ | base64 -d | bash
2 Likes
can I get a small hint for the root? I think am pretty close though
1 Like
Its only logical from there
You can exploit it on either page, dont let the port number hold you up
i think thats the easiest machine on this platform, looks like a THM box
Cool machine!
foothold: just google
user: open your eyes it’s right in front of you
root: copy the script on your PC and play with it, you’ll soon understand (2 steps)
1 Like
If you still havent figured it out, check this resource:
After going through the first part in root, how should I approach the second one?
Can I have an hint for the root ? I found the trick to bypass the password check but cannot find anything to do with it
create a script
Spy what’s happening and try to be WILD
I went wild at it, but I’m blocked and I know it’s right there, but my eyes can’t see… I’m open for tips for the second phase for root if anyone can DM me…
A very good machine, I really enjoyed this one.
User: keep trying things you see on google, trust me
Root: Its code, you know some WILD things you can put in an input. Just track the process and you are all done.
1 Like
Pwned! +1 @0xffffff
1 Like