Official Doctor Discussion

Rooted it! Root in comparison to initial foothold/user was fairly easy. Nice box nevertheless, I’ve learned a new attack vector from it.

id

uid=0(root) gid=0(root) groups=0(root)

RooteD~!
Figuring out the technique to get foothold was tricky.

Rooted, feel free to PM me if you’re stuck but please be sure to say what you’ve done so far and get ready for ambiguous hints :slight_smile:

As for nudges:
Foothold - Sometimes things can appear different when we look at them from a different direction.
User - You have something that can help you look someplace. Anything weird there?
Root - sometimes it’s good to get back to basics and to start off with a clean slate.

Definitely not an easy box, but big fun and learned a lot

As often, user is the harder part, root is very well documented, just use what already exists. For User and Root: enumerate, enumerate, enumerate very carefully

PM me if you need a hint

I was able to get to the login page but I don’t understand why it worked and really want to know before moving on. I’d appreciate if someone could PM me about that

@0xL said:

I was able to get to the login page but I don’t understand why it worked and really want to know before moving on. I’d appreciate if someone could PM me about that

It depends what you mean about why it worked.

I suspect your question is down to how HTTP works and the way the hosts header works.
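To make the point about the Host header concrete, here is a small added example (not from the thread or from the box): one loopback socket serves two hypothetical sites, and the server picks the content purely from the Host header the client sends. The site names and page bodies are constructed for the demo. Requests whose Host matches nothing fall through to the default virtual host, which is why, from a defensive side, the default vhost on a shared IP should be a deliberate catch-all rather than whichever site happened to be configured first.

```python
"""Name-based virtual hosting demo: one IP and port, content chosen by the Host header."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed example data: two hypothetical site names served from the same socket.
VHOSTS = {
    "www.example.test": b"<h1>Public landing page</h1>\n",
    "portal.example.test": b"<h1>Staff login</h1>\n",
}
# Whatever does not match any configured name lands here.
DEFAULT_VHOST = "www.example.test"


class VHostHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        # HTTP/1.1 clients may send "host:port"; match on the name only, case-insensitively.
        host = self.headers.get("Host", "").split(":")[0].lower()
        body = VHOSTS.get(host, VHOSTS[DEFAULT_VHOST])
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):
        # Keep the demo quiet; a real server would log the Host seen on each request.
        pass


def start_server():
    """Bind to an ephemeral loopback port and serve in a background thread."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), VHostHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


def fetch(port, host_header):
    """GET / against the same TCP endpoint, varying only the Host header.

    Returns (status, body). http.client honours an explicit Host header
    instead of generating its own from the connection address.
    """
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("GET", "/", headers={"Host": host_header})
        resp = conn.getresponse()
        return resp.status, resp.read()
    finally:
        conn.close()


if __name__ == "__main__":
    srv, port = start_server()
    # Same IP, same port, three different Host values: two distinct pages and one fallback.
    for name in ("www.example.test", "portal.example.test", "unknown.test"):
        print(name, fetch(port, name))
    srv.shutdown()
```

The defensive takeaway is in the `DEFAULT_VHOST` line: the server, not the client, decides what the fallback is, so auditing which site answers for an unexpected or bare-IP Host header is part of reviewing any shared-host deployment.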

Yes, I didn’t want to say too much but that little bit you just said is enough for me to go and do my own research. Thanks

Hello guys, I’m stuck on getting the user. I’ve seen that it’s part of some group but I got nothing from there!

could you please give me a little help ?

Thanks :slight_smile:

Update: I got it ^^

Hi, thanks everyone for the hints.
I managed to get user & root.
Foothold: very interesting way of injection
User: enumerate… there is one thing you have access to…
Root: pretty simple

Hello guys, is it normal that I can only see a single page on this machine?
I tried gobuster but it can only find css, images, fonts, and js

any idea?

nevermind :slight_smile:

How do I use the exploit for root? I can’t use any command because of the bash term.

@N00p said:

How do I use the exploit for root? I can’t use any command because of the bash term.

Never mind, rooted the box.

Just rooted it. Excellent box, although definitely harder than what I was expecting for an “Easy” box.

The only hint I want to add to the many already given is that there are variations of the “quiet” exploit and not all work.

Beginner here working on foothold. I’ve managed to upload a test script and track down the output. I assume I need to use n* to launch a s**** but I have no idea how to figure out what payload to use or how to format it. Any good sources to learn this?

@Vomocer said:

Beginner here working on foothold. I’ve managed to upload a test script and track down the output. I assume I need to use n* to launch a s**** but I have no idea how to figure out what payload to use or how to format it. Any good sources to learn this?

You don’t need n*. There is a site which covers payloads for all things. Find it and have a look. One of them works really well here.

@LeChatP said:

GG to 2 First blood

Mate, noob here. First box. Did a few scans, got open ports. But a little nudge, anyone?

@SydneyJR said:

@LeChatP said:

GG to 2 First blood

Mate, noob here. First box. Did a few scans, got open ports. But a little nudge, anyone?

It depends what you are stuck with.

If you have something you can post data to, try different attacks and see what works.

If you don’t, look closely at the information you have and modify how you are requesting pages.

@TazWake is it cool if I DM you? I think I’m close and missing something dumb since I’m new but I don’t want to post any spoilers here

@Vomocer said:

@TazWake is it cool if I DM you?

Always.

I think I’m close and missing something dumb since I’m new but I don’t want to post any spoilers here

I have got a shell via SI and executed li***.sh to enumerate some info for privesc; I noted that lo*****te seems vulnerable.
Am I on the right way?
I have been stuck at this step for a while, could anyone give me a nudge?