Official Feline Discussion

Yess, got root finally! The root was hard, but only because my knowledge of containers was limited. A really good and educational box, I learned a lot. Thanks!

If you need nudges, happy to help.

Rooted. Great machine, yes. A lot of interesting new things for me too.

Thank you to @MrR3boot and @MinatoTW :slight_smile:

Really fun root path, cheers @MrR3boot and @MinatoTW

If anyone can help with getting the right path, will appreciate it. Been stuck for the past days on that

It was really a good machine. Just now rooted it. A highly educational machine. I learned a lot of things I never heard of before. Thanks for the box creators. The only thing which was annoying is from the user shell, whatever file we upload, it will get erased suddenly. So we need to act quickly, it frustrated a lot. But the lateral movement and root part is completely new for me.
My hints:

For User: Analyse the request and response and google FU.
For Lateral Movement: Check all the open networks and analyze it with nc. Google it for a CVE.
For root: Once you’re in, check all the files in ‘~’ and google FU.

@gunroot said:

It was really a good machine. Just now rooted it. A highly educational machine. I learned a lot of things I never heard of before. Thanks for the box creators. The only thing which was annoying is from the user shell, whatever file we upload, it will get erased suddenly. So we need to act quickly, it frustrated a lot. But the lateral movement and root part is completely new for me.
My hints:

For User: Analyse the request and response and google FU.
For Lateral Movement: Check all the open networks and analyze it with nc. Google it for a CVE.
For root: Once you’re in, check all the files in ‘~’ and google FU.

It is possible to have a user shell without even upload a file, apart from the file that you call, it save you time and frustration :wink:

Type your comment> @0xLich said:

If anyone can help with getting the right path, will appreciate it. Been stuck for the past days on that

Dm

thx @MrR3boot @MinatoTW

Great box, learnt a lot! pm for hints ^~^

Thanks @iampachinko for helping on user. For now great box :slight_smile:
Rooted, nice one.
Remembering from previous @MrR3boot boxes, he likes three times commands to be executed .

one of my all-time favourite boxes, very realistic and current, popular technologies

Very good box.

It is also one of those boxes where just as you think you’ve finished, you realise you haven’t.

Spent an inordinate amount of time dealing with typos but if you can avoid that, User is a known method for the technology in question.

Getting root took me longer than it should and I still dont know why. I was fairly confident I’d done everything correctly but it didn’t work. In the end, a modified approach was successful.

it was one of those machines where i would poke around a lot after getting the root flag to try out things beyond getting the flag. Always a sign of an interesting machine.
Getting root also took me some time, but it was very rewarding in the end and a great experience.

Type your comment> @TazWake said:

It is also one of those boxes where just as you think you’ve finished, you realise you haven’t.

I can sense what you thought that time. ?

@gunroot said:

I can sense what you thought that time. ?

(nodding)

Rooted. This was fun and educational. It is amazing that we always learn something new even though it seems there is you know everything about specific application :slight_smile:

Thanks @purplenavi for nudges.

Rooted finally!! A super educational box. Thanks @purplenavi for the help.

Anyone feel free to DM ?

Rooted! :slight_smile:

Question, for the exploit writeup from a blog about the RE vuln, are we supposed to receive error messages as shown in the writeup? Burp doesn’t return any s***** errors if you direct it to the wrong location for me

Type your comment> @m0zzare11a said:

Question, for the exploit writeup from a blog about the RE vuln, are we supposed to receive error messages as shown in the writeup? Burp doesn’t return any s***** errors if you direct it to the wrong location for me

From my experience it doesn’t cause expected error 500 for random location. You only see an exception if payload ‘worked’.