getting the initial foothold was actually not hard at all…
Just rooted the box… what an ez machine…
Nothing many new things to learn but… pretty straight forward box… nice work @sau123 …
1 Like
Man how could you’ve been able to rewrite that service file to PE?. I gain access years ago, but i get stuck on the PE stage. Any help would be great
there is nothing to edit… hehe
Guess I just spend the last 4 hours on a rabbit hole then ;-;. Any hint?
there is nothing to hint bro… the only hint is the actual answer…
PE is ez af… don’t overlook into it…
Is the login function at m******l a rabbit hole?
1 Like
no
1 Like
just got here as well, and its not. Got it to hit back to a http listener on my machine. You need to see how to properly configure the first service to send the payload to the second one.
2 Likes
Man, I must be really dumb to not be able to get this PE. I got user in like 15-20 minutes, but this PE is kicking me down. Not sure what else to try.
1 Like
help!!! i cant find way to get root
PE NOTE: Just don’t overlook into anything… do what you can do as anybody you want… It’s awfully ez…
1 Like
Very nice machine, it was a bit unstable at the end, but beautiful road.
For user, find the vuln and try to understand the whole context and not just copy/paste the PoC, in order to exploit what you need find.
Root, is obvious, once you find it, it will be that.
Thanks for another great machine!
PS: special thanks to @panda08s, for enlight me out side the hole.
1 Like
This was a fun box, and it didn’t take long to finish.
Enumeration: look at what the statuses imply.
Foothold: see what the first service does and what options it has. Some googling will point you to a type of attack, this can be used to get more info that was not attainable in enumeration.
User: More googling about the second service, and then modify the foothold to be able to use the exploit.
Root: One of the first things you should check. Might need to get a better shell first.
bro please you can help me for getting the shell of this machine
i am stuck please any one
can help me
Fun box. I was setting something up to become root, but something else happened. Got some prompt, and then # was 3 characters away.
Is there a connection issue; because some ports comes with “filtered” STATE ?
“I can access one port”
You are correct. Remember this. You might need it later.