Official Resource Discussion

AT2022 · August 5, 2024, 1:05pm

The HTTP service on the machine is down.

someguyagainV2 · August 5, 2024, 1:18pm

Jesus christ this is hard as ■■■■

v1nd1c4t10n · August 5, 2024, 1:18pm

I had the same issue and restarted the box and tried other VPN connections and finally got one that worked. It sucks.

v1nd1c4t10n · August 5, 2024, 1:25pm

I’ve finished the box but have some questions. Any idea what the intended path to foothold is? I know of 2 ways but am not sure how I would have know to do them without hints.

someguyagainV2 · August 5, 2024, 1:27pm

Irrelevant question to one you asked but what would you rate box on difficulty scale?

htf · August 5, 2024, 1:35pm

Does anyone know if the admin panel has a purpose or is it a waste of time?

(for foothold)

W40X · August 5, 2024, 1:46pm

FroggieDrinks · August 5, 2024, 1:47pm

The intended seems to be Globbing at the moment. Since Staff made the box i doubt we will get a straight answer until its retired.

I dont see any other method and ive beat up this box for 3 days straight.

insomnia · August 5, 2024, 1:56pm

This machine is full of rabbit holes; it should be called ‘Discard the Rabbit Hole,’ many backdoors lol ##149

vincecipher · August 5, 2024, 1:57pm

is this from the a**** page that we can do the xss because none of mine worked ? I alse tried to abuse the 2 functions on this page but nothing too and also filter:// … it’s the same .

insomnia · August 5, 2024, 2:01pm

It has something to do with the page a***, but it’s not an XSS or an IDOR. I found several XSS and several IDORs; you’re in the right place now, enumerate parameters

Zhayr · August 5, 2024, 3:09pm

50/50

someguyagainV2 · August 5, 2024, 3:18pm

Ended up finding XSS and some other stuff but not getting much else. Just hit a wall now

insomnia · August 5, 2024, 3:37pm

It’s not xss

someguyagainV2 · August 5, 2024, 3:40pm

Yeah I figured that, just fully hit a wall now I’ve tried a bunch of attacks but maybe I’m overlooking something.

insomnia · August 5, 2024, 3:40pm

Send me a message and I can give you a hand

assquired · August 5, 2024, 4:06pm

That was the intended way you think? Cuz that was the most unsatisfying way to root.

Unibeef · August 5, 2024, 4:16pm

I have found a reverse shell and am looking the user flag. I have found a password somewhere in the system but try as I might, I am not able to login anywhere with the password. Anyone have any tips?

insomnia · August 5, 2024, 4:31pm

no, that’s not the way, i already found 3 ways to scale, lots of backdoors lol

insomnia · August 5, 2024, 4:32pm

Message me privately (the form isn’t letting me write the same thing anymore; if you need more help, message me on IG. It’s getting tiring to write the same thing in different ways just to be able to send it)

Topic		Replies	Views
Official Compromised Discussion Machines	210	22392	January 25, 2021
Official Moderators Discussion Machines	12	2479	October 17, 2022
Official Undetected Discussion Machines	62	5710	June 27, 2022
Official Bagel Discussion Machines	37	4984	May 14, 2023
Official Runner Discussion Machines	178	6961	August 31, 2024

Official Resource Discussion

Related topics