Official Photobomb Discussion

I am honestly lost, I’ve tried to play with the parameters in so many ways, without a result. I decided I need to look at OS command injection labs in PortSwigger. I will come back to this machine after I am done learning there.

Rooted!!! xD just 45 min to get foothold. hehe

PATH is the environment variable in Linux. PWD means current working folder. This line sets PATH environment variable to working folder plus previous path that PATH variable contained. It is appending the /opt/ directory to the PATH environment variable.

Got user, now trying to understand how to approach root.

If you need help feel free to pm me and we could discuss on discord regarding it :slight_smile:

Why it is allowed to us to change the root PATH?

Hi there if anyone is willing to help me understand the steps of getting the user flag I would greatly appreciate it.

I have already gotten the flag but I would like some things cleared up about the tools and approaches used and why.

I’ve hit a wall when i get the reverse connection. There is no editor available in the user shell. how do i upload a file through the nc connection please

burp can be used to INTERCEPT messages from a TARGET website

Hey guys, so I established foothold and now I am well aware that I need to change the PATH variable to the find command. In order to that I want to create a new find executable. However, when I try to create a new file using vim, I can enter insert mode, but I cannot exit it. Esc doesn’t work, ctrl + [ doesnt work and when I try ctrl + C I cut the whole reverse shell. Any tips or tricks?

ok got the root flag. The box was a bit trickier than i was expecting. kind of had a “preloaded” idea it would be simple. I suspect its easy rating will have shifted a bit before its retired

I tried command injection in file type but i am not getting a reverse shell

How many shell types have you tried?

does anyone want to help? It will be much appreciated!

what have you tried so far?


Research stabilizing reverse shell. It’ll fix those navigation problems

Feel free to pm for help guys, we can discuss on discord too

Just finished the first portion of Starting Point and I’m a bit stuck when it comes to what I can do after I’ve followed the inspecting part of this machine.

For root: you do not need to do anything complicated. Think about what you can do with the PATH you create. Don’t overthink it, and you will FIND the way