Hello I got the LFI (I wasted so much time trying to read outside root folder but I guess it’s not possible) and read app.js and leaked secret. I’m trying to use cookie monster GH repo to craft cookies but they are not working. Anybody available to chat?
Edit: finally got into the box. Onto root now!
Finally rooted! this Box was an amazing journey and a very hard box. Learnt a lot of things. Thanks for the box!
Hey!
Would you share the paths for root with me? tried a way by compiling a file.
Is anybody around for a sanity check for root? I’m so close yet so far…
I’m stuck searching …ql credentials
If anyone has the foothold figured out I would really appreciate an additional nudge. Been stuck with the ability to view all files for a long long time and nothing I’ve tried has been successful.
I can see all the files and can forge cookies. I have tried a serialisation payloads, tried leaking the passwords through editing the “user”, tried sql like injection, and tried changing the “username” (as this is reflected back in several places and goes into an insecure sql query).
Have you find some .json file? It could help you about which user to use
Yeah, I have that. But I don’t understand what I can acheive with the user name?
You can look into that file, for any user or dependecies used in this application
When I try to do LFI in /download/ folder, I am getting forbidden error, could you pls help me
I need a full copy of the report on it to study
I got access to all those unusefull files … and now ? It must have something to with this forged cookie . Someone could give an hint please ?
Ended the machine, thank you @hackw3ll @jecpr636 @JimShoes @Bl4ckSl0th for the help.
If someone want help with user or root just PM me.