Official OpenSource Discussion

Official discussion thread for OpenSource. Please do not post any spoilers or big hints.

4 Likes

Has anyone gotten a shell on the box? If so, how? I found the app is running in a certain mode but can’t figure out how to get the p** to unlock the con****. If I could get files somehow, it would be a breeze, but I haven’t figured out a way yet. The source has not helped too much. Any hints appreciated!

2 Likes

Assuming you’re talking about the movement from foothold to user? If so, I went about it in a different way that required finding some Creds.

I found some creds but don’t know how to use them; maybe it has to do with the mystery port I could not identify??? Also I found the L** vulnerability but the entire proc directory returns blank so I cannot reverse engineer the p**.

it does not matter, but the trick leading to it matters. apply it elsewhere to get foothold.

I got a s***** using a ****** script, but I don’t know how to use it. Any hints?

Yo, this is my first release arena box, is there “a specific UDP” port that all release arenas use as a dependency or is it actually just a part of this box?

There is some useful documentation on how I can read files from machine server side trough URL or RCE on these types of webapps?

Are you sure there’s an L** in this f**** app? g**_f***_n**** looks solid. Any hint on finding an L**?

Thanks to B******** I exploited L** but i don’t find yet a way to get R****** S****

1 Like

It’s not always about going back to the root, sometime the root is just in front of you.

Hmm… Are there more than 2 ports open on this box? Maybe there’s something wrong with my instance. Otherwise it doesn’t at all look like an easy box

1 Like

Nice machine some tips I think may be useful:

You have the source code, and when you get the L** use it.

For user, there is a port that appeared filtered, perhaps now it’s accessible?

For root, the path is very close to home .:slight_smile:

If you need any hints drop me a message.

If this is a spoiler please remove it.

9 Likes

I really can’t think of anything for the L** vulnerability. Any hints to give?

Hi, I don’t find the L** vulnerability and I would say that I have all the rest to get the P** but I need the L** vulnerability to get some info and get the P** but I don’t find the L**. Some hint??? DM me

I have L** and can read procfs. I have spent hours fiddling with the d**** c****** P** generator but can’t get it working, even with cg**** stuff. Followed several vids and writeups and still no luck. Am I on the right path here?

Hey all, any small helpful hints for this box? I am a super noob at hacking in general and anything would be appreciated. Thank you!

  • For foothold, DONT waste time on the PIN:
    1. read the source carefully.
    2. retired box Backend & BackendTwo (public WP available) helps in final foothold.
  • For user, pivot is the key.
  • For root, usual enumeration to monitor root activity.
6 Likes

I’m not seeing something… PIN would be a rabbit hole, but since I have to use SOURCE…

Thanks for the tip on the PIN. Wasted alot of time there.

Am stuck after pivoting, is this situation related to the Backend box?