Type your comment> @Niotop said:
Hi I need some hint on the box, I am stucked at foothold, can’t get the rshell, I can’t make the RCE work.
Were you able to get t*****r account? If so, look up for an exploit. Hint: there is a poc on youtube
HI -
So, I saw that the author stats for schooled put weight on enumeration. And everyone in the forum seems to be saying that I can get to teacher by enumeration.
I have like 3500 distinct URLs on the site from enumeration.
Not one of them helps me figure out how to login as Manuel or any teacher for that matter.
I have enrolled the the math class but I just dont know how to get teacher creds since Manuel Phillips is not a real person that is going to read their messages.
I think I figured out the correct thing to do, i should have known based on the available class to to enroll in.
God! Where is that fg moo version ? I see an ajax upload vulnerability but I don’t find any usable exploit, just a php file with an obfuscated code. Is there simpler ? Is there something to exploit with that url field in profile ? :neutral:
Anyone can give me a nudge on how to get the credentials?
Just wow! User has a real nice flow to it, if you take your time to read all information. Root is a bit underwhelming, but fun nonetheless.
Thanks @TheCyberGeek for this amazing box!
New Moodle XSS disclosure:
https://twitter.com/JacksonHHax/status/1391367064154042377
I am still trying to get manager creds to meaningfully allow remote access but i just saw the above
Great box. Available for help if anyone wants pointers but via discord please 
inspired #1745
Shooted. 
Dm if need help as usual. assured help.
Type your comment> @dylvie said:
God! Where is that fg moo version ? I see an ajax upload vulnerability but I don’t find any usable exploit, just a php file with an obfuscated code. Is there simpler ? Is there something to exploit with that url field in profile ? :neutral:
some other field, and there is a cve for it.
Spoiler Removed
Foothold was challenging for me, afterwards it’s straight forward. I liked the real life aspect of the box, thanks for the creator!
Dm me for any hints needed or you stuck somewhere
According to PoC of me After upgrading my Ml Ps account from tr to mr, I can’t see site an section and I just see course a*****n
Am I missing something or is that all I need?
EDIT: nvm, Figured it out in a different way
I have a problem to install rce.zip plugin downloaded from github. Any idea ?
Plugin “block/rce” is defective or outdated, can not continue, sorry.
More information about this error
Debug info: Missing main block class file.
Error code: detectedbrokenplugin
Got root …!
Initial Foothold : for me the initial foothold is hard when it is compared with user and root, you just need to find which component that you need to exploit and be confident on that to try available CVE and exploit multiple vulnerabilities.
User: it is all about enumeration and cracking
Root: You can find what you can do at first step, but you need to do some research to get root successfully.
DM me for the nudges, Please state your steps that you taken so far, AND PLEASE HIGHLIGHT WHICH BOX YOU ARE ASKING FOR 
I need help with upgrading to user. I have done rs and I’m in as w user. I know that enumeration is a key but i spent like 6 hrs trying to find something and failed. Please give me some hint
EDIT: Rooted
Anyone, I am stuck on d********* the h*** I got from mdl_u*** !
John isn’t detecting it as something consumable but by looking at h*** header I am pretty sure it’s b****t.
The foothold really drained me; but an excellent box overall.