Official Precious Discussion

Official discussion thread for Precious. Please do not post any spoilers or big hints.

1 Like

got reverse shell

Any hint?

Easiest machine bro try it:)

Root flag got within 1.01 -H

Any hint for privesc plz

:gem: ROOTED :gem:

Nice machine, entertaining and with new things.

Send DM for any questions :hugs:

2 Likes

Any hint? Is it OWASP Top 10?

for me getting to user was not about a cve
enumeration of files and their contents helped me.
i used an automated tool but i still had to look at the contents of files to get what was needed

Which tool did you use

Rooted. DM for hints

1 Like

Please give me some hints to get a reverse shell

Rooted. DM for hints.

User: There are two vulns to get a reverse shell.

Root: Check your rights and what you can do.

1 Like

Some hints here:

For user:

  • Check the pdf properties.

  • Inside, search for hidden things.

For root:

  • You can create an evil file to read.
3 Likes

please help i’m stuck on the convert to pdf

Look at what converts the website to pdf.

enumerate harder. Look at everything. Google everything too

Any nudges available? So far have gained access to a revshell (usr R___y) but unsure as to how to upgrade shell and gain access to usr (H___y).

Yours in spending too many hrs on Google trying to figure it out,

Hi, i just got access as an unprivileged user, can anybody give me a hit about how can I achieve as the user who has access to the flag?

Any hint for convert URL to page? I keep trying but always get error message " Cannot load remote URL!"

edit:Solved,thanks for help! Use burpsuite…same payload in firefox give me error,but in burpsuite give me a pdf.