Official RedPanda Discussion

Hi binho1337
I found ssti vulnerability but when send a command curl/wget for download my shell, the target server responde with a timeout… All rules of my iptables are flush .
Any hint ?

1 Like

Me too… I have some problem… When I try to upload my reverse shell with wget or curl the target machine responde me by a timeout connection

for me, +x works. you might need to url-encode + to %2b as it represents space char if not url-encoded.

It seems that I got a free pass on the user flag as someone opened a web page on 8000 with access to the source code, which included some useful creds. I couldn’t work out why everyone was bothering with SSTI and reverse shells when user was so easy! Now that web page is no longer there I realised what happened.

Some comments suggest that you need the extra privs of the reverse shell over ssh to get root, this is incorrect. I avoided the reverse shell step but still got root.

you can download the app and run locally, observing all changes.
via local testing i noticed i’ve thought too hard. simple exploit works.

Fun box. User part is tricky, root part is really straight forward.

DM me if you need nudges.

6 Likes

I finally got root key. However, I still a little bit do not understand how XXE actually works here. It starts working when XXL is parsed in MainController.java or how? Can anybody help?

Finally I rooted RedPanda. 100% agree with the other guys who said the PE Hard.
My hint for PE : Study a minimun Java Language

Bye
Cuz15

could someone help me with the reverse shell, i’m trying to set up the payload but i’m not getting the “reverse shell”

try this, bro

1 Like

i was using this site and i got a rce, but the reverse shell does it work ? beceusa i wasn’t getting a reverse shell, i’ve tried with python3, bash…

thanks bro, i’m new to all of this, was looking for any sort of help, you just remined me why i started this, not because it was easy, its a challenge that you should figure out yourself and feel the pride as you accomplish it on your ace

1 Like

try to create a payload using msfvenom. i just created payload for linux (elf) and then executed in terminal. you need just upload this elf file to vulnerable machine and execute it

1 Like

I am facing the same issue right now :frowning:

what i can study to capture root flag ? pls help me, no spoilers.

Stuck on snagging rev shell - I already know a few things, but can’t quite get the payload right. Any nudges in the DMs would be helpful!!

same here

Hackthebox machine webpages not loading when entering IP address into search bar

Guys, I already took the user flag, but I am stuck how to get a reverse shell. Very grateful if someone helps me

pls help me