Finaly got user pff! @S1ckB0y tnx for the headsup when i was stuck.
is something broken, I can log into (not social site) but am greeted with an error.
Type your comment> @luca76 said:
Type your comment> @Zot said:
I successfully implemented a cookie stealer utilizing hashtag.php. So far, only snarfed my own cookie. The only place I can even get an href to render properly is my profile website.
I don’t think this is a spoiler because it helps with absolutely nothing, more like a “don’t waste your time” spoiler.
For get a cookie just go on inspection browser and then on console and write “window.cookie” or tab storage cookie
No luca, I wasn’t trying to get my cookie, I was trying to steal whoever was in charge of the support boxes cookie. It’s all good, I got user now. To anyone reading this, FORGET ABOUT COOKIES! (like Luca said)
Type your comment> @Zot said:
Type your comment> @luca76 said:
(Quote)
No luca, I wasn’t trying to get my cookie, I was trying to steal whoever was in charge of the support boxes cookie. It’s all good, I got user now. To anyone reading this, FORGET ABOUT COOKIES! (like Luca said)
I have the user too, and I have a shell, but it’s not easy anyway, in fact I would say that now the road is uphill for me, I’m not good with P **** s *** l
managed to read the root.txt but didnt get a root shell. Anyone who managed to get a rootshell? 
I’ve been in a shell for two days without being able to do ■■■■, but what fucking witchcraft is this?
rooted without root shell. I don’t think this box could pop root shell, since we’re limited function
Interesting, I have a fully functional user shell but not super clear atm where to go next.
Type your comment> @luca76 said:
Type your comment> @Zot said:
Type your comment> @luca76 said:
(Quote)
No luca, I wasn’t trying to get my cookie, I was trying to steal whoever was in charge of the support boxes cookie. It’s all good, I got user now. To anyone reading this, FORGET ABOUT COOKIES! (like Luca said)I have the user too, and I have a shell, but it’s not easy anyway, in fact I would say that now the road is uphill for me, I’m not good with P **** s *** l
I’ve never used the… restricted environment (if you’ve made it to that user, which you probably have). So this is just going to be a lesson for me. As soon as I got user level access I busted out meterpreter. So navigating the system has been a breeze, but yeah, gotta study the docs for je******** you know.
Reel2 … i got root!! Insane and crazy box
Type your comment> @CyberVaca said:
Wtf winrm? rabbit hole? I have valid credentials :neutral:
yeah… I am getting the same here.
Got 2nd user creds but winrm is not playing the game… what am I missing?
Type your comment> @acidbat said:
Type your comment> @CyberVaca said:
Wtf winrm? rabbit hole? I have valid credentials :neutral:
yeah… I am getting the same here.
Got 2nd user creds but winrm is not playing the game… what am I missing?
Ok got passed that part (yay)
Next hurdle … :neutral: , challenge
a slow start on this one. I have a bunch of users, and admin access to the high port site, but haven’t been able to turn it into anything so far.
Is going down the J*A path the right way for root?
Hey guys, got rooted but without NT\Authority System. Is there any way to get root shell? If someone knows i will appreciate for helps
Rooted! Hard box but very entertaining! Congrats @cube0x0!
PM if anyone need a little nudge!
Rooted, awesome box and I learned a bunch of new things. Great work @cube0x0
A bonus when you also understand the language being used 
İt’s getting harder !! Brain freze.(
Great box, harder than what i expected.
I dont have many hints to share without spoiling too much, but i suggest to have a look at a sneaky box.
to whom it may concern:
just because something is possible doesn’t mean you should do it.
please stop changing passwords for accounts other players are dependent on!