Anybody else having issues with the web server on the box not starting? No port 80 after restart.
same issue here
1 Like
did happen to me, had to stop and start the machine, it worked for me
1 Like
Thanks for the replies @Bl4ckKn1ghT and @s1l3ntmask, was starting to think it was something on my end.
1 Like
Can someone give the hint from zzinter in ssg to root?
1 Like
yup. Ain’t no way this is a medium box. Not even close!
1 Like
Its very clear none of us know much about CA’s ■■■■ 
5 Likes
you can say that again! dear god this is a hard one.
true
i found the xss but nothing more, any help?
foothold?
Once you register there is one vulnerability that could get access to /etc/passwd but in this specific case it doesn’t. Try searching how you can gain RCE via this vulnerability
I got webshell but cant find any credentials for ssh.
Do I need to get reverse shell for a more stable terminal?
This box is absolutely kicking my a** Man what a hard box
1 Like
“Do I need to get reverse shell for a more stable terminal?”
This is always the case isn’t it!?
Did you search the home dir to the user you got access to!?
Jajajaj yeah I know.
What I meant was if instead of looking for ssh credentials with the webshell I should focus on a reverse shell using nc.
I found two users in the home folders. But cannot see the contents of those folders
What user did you get access with!?
2 Likes
I have always sucked at understanding certs…and this box just reinforces that
1 Like
Same bro I cannot figure it out
this box is mislabled, it should have been tagged as hard (or insane) and named certs.
3 Likes
www-data