Look for an exploit tool on the net
Did you get any help?
Have the same problem. I use popular exiftool exploit script to generate jpg but it seems like the site doesnt execute it. I changed IP in the script to my Kali VM and set port to 9090 then i nc on this port and upload the image but nothing happens. Any ideas?
That was a strange box. It was soooo hard for me to get user from initial foothold, but then I got root in like 10 minutes
Iāve been stuck trying to get User for two days. I have a shell and I can make the .s** file work for me when I trigger it directly but no matter what I try I canāt get it to work in the way it needs to. Iāve tried so many different payloads etc. to try and avoid root getting in the way with its job but I canāt get it to work. A PM with a nudge would be appreciatedā¦
When I try to exploit the imagemaā¦ to obtain user I get the following error āUnknown IO errorā. Iāve tried several rce images from several public exploits but with no successā¦
Done User part was way harder than privilege escalation, which took me like 15 minutes. If you need any help, PM.
got user, but failed to pop a reverse shell as userā¦
I have been stuck on getting user for a long time now. I believe I am on the right track but just canāt get it to work! Anyone willing to DM to double check for me?
Edit: Finally got user and root not too long after!
i found a subdomain and this box is related to exiftool exploitation , if you want more come to my discord
Cuddos to @Nauten for creating this. I donāt review many boxes but made sure to leave this one 5 stars.
A correctly rated machine with a logical approach to exploitation.