Official discussion thread for OpenSource. Please do not post any spoilers or big hints.
Has anyone gotten a shell on the box? If so, how? I found the app is running in a certain mode but can’t figure out how to get the p** to unlock the con****. If I could get files somehow, it would be a breeze, but I haven’t figured out a way yet. The source has not helped too much. Any hints appreciated!
Assuming you’re talking about the movement from foothold to user? If so, I went about it in a different way that required finding some Creds.
I found some creds but don’t know how to use them; maybe it has to do with the mystery port I could not identify??? Also I found the L** vulnerability but the entire proc directory returns blank so I cannot reverse engineer the p**.
it does not matter, but the trick leading to it matters. apply it elsewhere to get foothold.
I got a s***** using a ****** script, but I don’t know how to use it. Any hints?
Yo, this is my first release arena box, is there “a specific UDP” port that all release arenas use as a dependency or is it actually just a part of this box?
There is some useful documentation on how I can read files from machine server side trough URL or RCE on these types of webapps?
Are you sure there’s an L** in this f**** app? g**_f***_n**** looks solid. Any hint on finding an L**?
Thanks to B******** I exploited L** but i don’t find yet a way to get R****** S****
It’s not always about going back to the root, sometime the root is just in front of you.
Hmm… Are there more than 2 ports open on this box? Maybe there’s something wrong with my instance. Otherwise it doesn’t at all look like an easy box
Nice machine some tips I think may be useful:
You have the source code, and when you get the L** use it.
For user, there is a port that appeared filtered, perhaps now it’s accessible?
For root, the path is very close to home .
If you need any hints drop me a message.
If this is a spoiler please remove it.
I really can’t think of anything for the L** vulnerability. Any hints to give?
Hi, I don’t find the L** vulnerability and I would say that I have all the rest to get the P** but I need the L** vulnerability to get some info and get the P** but I don’t find the L**. Some hint??? DM me
I have L** and can read procfs. I have spent hours fiddling with the d**** c****** P** generator but can’t get it working, even with cg**** stuff. Followed several vids and writeups and still no luck. Am I on the right path here?
Hey all, any small helpful hints for this box? I am a super noob at hacking in general and anything would be appreciated. Thank you!
- For foothold, DONT waste time on the PIN:
- read the source carefully.
- retired box Backend & BackendTwo (public WP available) helps in final foothold.
- For user, pivot is the key.
- For root, usual enumeration to monitor root activity.
I’m not seeing something… PIN would be a rabbit hole, but since I have to use SOURCE…
Thanks for the tip on the PIN. Wasted alot of time there.
Am stuck after pivoting, is this situation related to the Backend box?