Official Photobomb Discussion

Official discussion thread for Photobomb. Please do not post any spoilers or big hints.

1 Like

I found the endpoint with the login for a printer, but there doesn’t seem to be credentials online for that specific printer. Am I missing something?

probably using sinatra webframework

Look closer at the home page, try viewing some things.

I’ve tried with steganography in all photos but I dind’t find anything. I realised that sinatra webframework is used but i cannot look how can I exploit it. And I tried Directory T******** but nothing. Anyone with more info? Thanks

In the first part we have some in information in .js file :wink:


heh fun times

I’ve got the authorization but I don’t know what to do now?
Anyone can hint me something?.

Auth and some verbose error messages

Maybe a username

:camera_flash: :bomb: !! ROOTED !! :camera_flash: :bomb:

Nice machine, simple and entertaining.

Send me DM if you need help :smile:

1 Like

First time pwning a release arena machine! User flag wasn’t very hard… but I don’t know much about Privilege Escalation, so it took me some time to root.


got root!

nice machine with basic foothold. Root wasnt difficult since something seemed irregular to me but definitely had me add something to my notes.

as always DM if you are stuck

1 Like

Look closely to the parameters :wink:

Which parameters are talking about exactly ? I found also some stuff about sin***** but for now I’m not able to gather something interesting, except the port on the loopback address, but i think it cannot be exploited

Need hint. please dm me. I’m able to view protected content.

1 Like

any recommended payload for LFI? or should I check manually?

can you help me please on getting a foothold, i havent got a clue how to get the printer creds, ive also seen a page with something about sinatra on is that any use?
thanks in advance :slight_smile:

Well, on my side I tried to put something in the field for file**pe on post rq, to perform a L*I, but nothing works for now. I’m pretty sure it’s something here, but nothing seems to work for now. :frowning:

Some hints for the machine :bomb:

For user:

  1. Use the web inspector, search into the links.
  2. There is nothing local to read
  3. A parameter will be your blind ally.

For root: The environment and cleaning is in your hands.