Official CozyHosting Discussion

While in the admin panel, just try to play with the parameters; something weird will happen. Once there, you're going to find out.

Foothold took some time.
After that it was all downhill bowling (or whatever the appropriate metaphor is) :ice_skate:

When it came time to escalate from user to root, I realized there were probably much, much easier ways of forcing a foothold in the first place,
i.e. one that uses the available options, not one that hijacks the entire flow.

I think I am going to start this box up again soon and see if I can create a more elegant hijack.
I have a feeling this is one thing commandercool intended when creating the box.

Rooted!

DM for hints

I am currently at the admin page and I can’t move further.
Can someone please help?

There is only one thing that you can do when you get into the admin panel…

Enlighten me… I’ve tried several things but not the expected results.

Got stuck at the very beginning (login page) :frowning:

Need hint

Any hints for initial foothold? I know what’s running, but just getting 301 redirects to a non-resolvable URL :frowning:

If it is not resolvable, check the local file that resolves hostnames :smiley:

Finally Rooted

Sess ID. A Whitelabel error occurs in a framework. Use SecLists, enumerate more.

Perhaps this one will be helpful for some of you: once you get access to the desired page, try to understand the request and where it is being sent. Try to use various techniques; HackTricks can help.

The machine is down?

Finally rooted

IMHO the user flag is a lot more difficult than the system flag.

Can I have a hint? I found the framework used and searched for a vulnerability, but I’m still stuck. I don’t know what to do… maybe someone can text me?

I need help with the SQL injection.

Finally rooted. I like this machine personally, but root was very easy…

Any hint?

DM

I’ve found the hashes/keys in sessions for the k*******n guy but how do I use them to log in?