Official Feline Discussion

@m1r3x how did you find this kinda file, I have already used filter to extract all js files in gobuster. It revealed only u****d.js

@offs3cg33k said:

@m1r3x how did you find this kinda file, I have already used filter to extract all js files in gobuster. It revealed only u****d.js

nvm, I wrote wrong file name by mistake.


I can see the filepath where it attempts to put the file you upload, just have no idea how to utilize it. Any nudges? :slight_smile:

Are we sure that there is any kind of analysis on the uploaded files?

Rooted, great box :slight_smile:

Got user! Very educating user process.

@Caracal said:

Rooted, great box :slight_smile:

any nudges for root?

Any nudges for root? All my enumerations have failed me so far.

@m1r3x said:

@Caracal said:
Rooted, great box :slight_smile:

any nudges for root?

@purplenavi said:

Any nudges for root? All my enumerations have failed me so far.

Enum carefully the network environment, google and you are in.
You are in? Great! How much do you know about a common way to communicate between an application and the environment you are in?

I got the user (thanks for the nudge @gverre about the s*rial…).

NSE vulners could help you to identify the right security issue…

After, Google to find an interesting article… but before you have to try different things to find the right path… B*rp could help.

Tried everything to enum the right file path for my uploads but wasn’t able to figure it out. Any nudges?

@rahul63425 said:

Tried everything to enum the right file path for my uploads but wasn’t able to figure it out. Any nudges?

dm

Can someone nudge me on the root part? I think I have figured out something, but can’t guess which way to turn it to exploit.

Rooted. Great machine and I learned so much from it! Rated it 5/5 :smiley:

Can someone provide a nudge for user? Reached a point where I am able to upload certain files and it leaks a t**p path. Feeling stuck. Unsure how to proceed further.

Spoiler Removed

Spoiler Removed

If you think you know what you’re doing to get the user, don’t do like I did and chain commands together. That did not work for me and I wasted too much time. Do each command separately to get user shell (but there may be other ways that I am unaware of).

It was a very interesting box and I’ve learned a lot, thanks to MinatoTW & MrR3boot :slight_smile: