Official discussion thread for Feline. Please do not post any spoilers or big hints.
Yeah, I could use a bit of help on this one, I see the obvious path for the foothold but no idea how to trigger it. Would appreciate some reading material or a nudge
FYI, sample area (upload file) is functioning with Chromium but not from Firefox for me. I’m using Kali Rolling.
@sparkla said:
I see absolutely nothing obvious. There’s u***.j** that’s pretty much happy about anything you feed it, except for a certain type.
I found a l******.t*t file also. Concerning the author of the website code, with a link.
@sparkla said:
@choupit0 said:
I found a l******.t*t file also. Concerning the author of the website code, with a link.
That’s usually just the author of the free html-template.
Yes, nothing interesting.
Does this box require setting up p**tfix or something similar? If so, could one point me to good resources to securely deploy an S**P server? Thanks
I’m pretty sure I know what the vuln to exploit is. I know uploading a certain filetype leaks a lot of information about where the uploaded file is saved. I can upload my sed ot "son" file. But I can't find the right path to make my JS*****D point to it… If someone can give a nudge. Or share some thoughts.
Edit: Finally got it! Path is really helpful…
No idea what it is doing on the backend, like folder structure to get se***d ot file
I am able to upload certain files from the service page (except image files) but I cannot find where the file is uploaded. Can someone give a nudge…
Same as above… no idea where to find/use uploaded files. Nudges please
I'm trying to read u*.j*p to see where the files I uploaded go, but I get invalid request. Not sure if my steps are correct or not.
@m1r3x how did you find this kinda file, I have already used filter to extract all js files in gobuster. It revealed only u****d.js
@offs3cg33k said:
@m1r3x how did you find this kinda file, I have already used filter to extract all js files in gobuster. It revealed only u****d.js
nvm, I wrote wrong file name by mistake.
I can see the filepath where it attempts to put the file you upload, just have no idea how to utilize it. Any nudges?
Are we sure that there is any kind of analysis on the uploaded files?
Rooted, great box
Got user! Very educating user process.