Official Paper Discussion

system · February 5, 2022, 3:00pm

Official discussion thread for Paper. Please do not post any spoilers or big hints.

secnigma · February 5, 2022, 5:13pm

Hope y’all have fun with the box and I wish every easter egg gets found.
Happy hacking guys!

jeffstu · February 5, 2022, 9:23pm

Struggling with this one, Any pointers?

IAmNotAMonk · February 5, 2022, 9:28pm

same, still going at it, trying a few new ideas, thrown most of the usual at it.

vanderma · February 5, 2022, 10:15pm

Please any hint

johnnyvf24 · February 5, 2022, 11:56pm

If you’re like me and are completely stuck at the web d*r b**ting phase for a few hours, I recommend you try something out of your comfort zone. Something like n*k*o.

skyawesome73 · February 6, 2022, 12:34am

I saw there is weird behavior when you try to access a php file. Is there a reverse proxy or something to exploit?

johnnyvf24 · February 6, 2022, 1:25am

PM me if you need a hint.

Harbard · February 6, 2022, 2:32am

Really Solid box with great bread crumbs along the way. Thank you @secnigma!
DM if you need a nudge

JAKAMI · February 6, 2022, 2:48am

Struggling really hard with that, I’m pretty new to CTF. Tried searching for CVE’s for the Apache Version, bruteforcing the SSH Login, scanning all URLs, looks like a default Webserver to me… Any hints where to look? Would love to get a pm

King0f5tocks · February 6, 2022, 9:17am

It looks like there’s an exploit sitting on the server called pk.sh, is this part of the CTF? Or did someone accidentally add a file?

DrDragon79 · February 6, 2022, 9:27am

It’s intentional. Nobody placed it there. Also, release arena gives you a private instance, so it’s not possible.

secnigma · February 6, 2022, 2:18pm

It wasn’t intentional.
The script was accidently placed there by the testing team.
It is patched now.

secnigma · February 6, 2022, 2:22pm

It wasn’t intentional.
The script was accidently placed there by the testing team.
It is patched now.

alemusix · February 6, 2022, 3:40pm

Too bad I rooted the machine before the fixing. The intended way for root involved p—t or was completely different?

King0f5tocks · February 6, 2022, 3:57pm

Argh, I just got back in the machine after taking a break, got a shell, and spent 15 minutes looking for the script, lol. Time to do this the right way.

secnigma · February 6, 2022, 4:11pm

I’ll DM you.

dalemazza · February 6, 2022, 11:16pm

Rooted.

Foothold: talking helps

Root: EZPZ if you keep an eye on the news

Malrius · February 7, 2022, 12:39am

I used n*k*o to find the “x-backend-server”, but I am unable to connect to http://******.*****/ for some odd reason. Firefox gives a Server Not Found error and says that it can’t connect.

Tnr1112 · February 7, 2022, 2:15am

You should to add to the /etc/hosts file like 10.10.10.10 lala.htb

Topic		Replies	Views
Official Resource Discussion Machines	156	4486	November 23, 2024
Official Compromised Discussion Machines	210	22161	January 25, 2021
Official Backdoor Discussion Machines	93	11062	May 30, 2022
Official OnlyForYou Discussion Machines	186	12439	September 7, 2023
Official Proper Discussion Machines	31	4343	August 19, 2021

Official Paper Discussion

Related topics