Official GreenHorn Discussion

Done. I was able to bruteforce p**** password, without going the gitea route.

Keep trying… it took me around 5 or 6 times to get the shell…

Spent a whole day in d**** but still can’t get any meaningful result, am I on the right way or is there some other way to exploit it?

1 Like

Don’t upload the file to the files section. Look at the vulnerability in detail to find the solution.

HELP, Every time i upload my exploit i get a file not found. when I run the POC script I get File Not Found. I follow every example of this vuln, I can find I follow to the tee. In all the example the exploits works, but when i follow along and repeat the steps. I get a FILE NOT FOUND. can any1 tell me y?

1 Like

can someone help me

IP file path: /home/user/Desktop/payload.zip
Login account
ZIP file download.
File not found.

Finally got root flag after a day. My hint is: Don’t screenshot, export :wink:

cant get the root flag cause it’s always down and no more restarts for today