Official discussion thread for Pandora. Please do not post any spoilers or big hints.
2 Likes
Any clues where to start from?
I am currently trying to do something with the API. Can someone give me a nudge or PM since I have no clue how the API works or how I could use it since the documentation is very confusing.
You can read the documentation or watch the processes.
I managed to dump the users but a lot of good that does since I can’t crack the other users lol or the one that matters most.
Kind of thinking I’m missing a step. Any nudges?
1 Like
Any nudge on how to discover the api?
Basic enumeration. Look around check the normal files. Look up a enumeration cheat sheet if you need.
Yeah I was able to list users too but that’s it. I have found like absolutely nothing about this technology on the web in terms of security write-ups or exploitation techniques which makes this pretty challenging.
You can get their hashed passwords. Yet only one I was able to crack was the one we already have lol.
Have to put the box on hold. Start the PNPT exam tomorrow 
1 Like
Unfortunately I got the same results. Currently looking at the docs to try and find anything useful. Maybe I look more closely at the files on the box.
Yeah, feel like a step is missing. The user is confined can’t really do anything. Doesn’t feel like the right path and the documentation didn’t have anything that stuck out besides what I’ve already tried.
Something is missing. Good luck!
Can you suggest the initial stage? I can’t find the api
Rooted! Nice “easy” box, puts to test your enum skills. Here are some hints if you are lost
Foothold:
It starts with the port scan. Yeah, simple
User:
When you got the foothold, perform an enum on the really basic service you PLAYed with before. Read all the found stuff carefully! The needed thing is hidden from your machine’s eyes. When you got to it, look around. Enum. Google. Make sure to google correctly. Read. Suffer. Exploit. Avoid the *** rabbit hole, nothing shiny there
Root:
Standard. What can you run? What is run? How can you exploit it?
Hope this helps. If you are stuck and frustrated, feel free to DM. Just make sure you have tried all the stuff, otherwise you are learning to get hints, not to get roots
3 Likes
User was medium style but root was very easy.
Nice box, thanks to the creators I enjoyed it.
But why is the machine immediately shut down when I submitted the root flag 
Hey, got the foothold but can’t for the life of me move on. I must mention that I am a newbee in all of this. Any nudges to get creds for the privileged user? Thanks
Whoever rated this box as easy is smoking some serious stuff. I want that. This box is probably harder than all mediums. Srsly, though this should not be begginer’s box.
16 Likes
this one was a toughie for me…or i’m just rusty
foothold - be thorough with your initial scans, theres more than stateful connections. It’s that “simple”, find that protocol. Enum it hard.
user - very tough for me. Thanks to @TheCyberGeek for the nudge. As mentioned before, research the app on the Internet, research the version. This app seems full of potentially unproven holes. There is some research on the way the app checks who you are when you ask for things. That’s all I can say without spoiling it.
root - business as usual. This box is hard on the outside and soft in the inside. Make the misconfigured and “confused” utils do what you want.
hmu if you need a nudge, good luck!
2 Likes
Finally rooted this box; honestly a pain.
Foothold is easy with enum.
User was very hard; had to do lots of digging on methods of exploitation for the service. Check out some blogposts and really understand the vulnerability; it will help you exploit it. Also a very powerful tool is a big help here.
Root is nothing special really; didn’t take too long to crack it.
I’m not sure if it was right to mark this box easy.
Also a very powerful tool is a big help here
Agreed, though really it only seemed to get me part way. Had to fiddle and fiddle and fiddle to finish it off. Smooth sailing after that. Not sure it’s “easy”.
any hint with the foothold ?
Basic enumeration.