hahahahaha
not “easy” but pretty straight forward, go for the basics, if you need help, ask for a hint 
What’s your status?
Two tips for CTFs:
- If bruteforcing takes more than 5 minutes, that’s not the solution
- Blindly bruteforcing root without any prior hint or password policy is (almost) never the solution
I tried the expolit for cms but not working very well, no any call back. I am not sure its the problem of url or anything
Script is not fully functional.
Try to understand it and do some parts manually.
- There’s some pretty good hints earlier in this thread for where you’re at.
- Please remove the blatant spoilers.
3 Likes
100%
Could someone with flag user DM me ? I got some questions and I’m about to smash my head on my keyboard
Stuck in the root - privilege escalation part. Do you have any recommendations for it?
Focus on enumeration 
Thank you!!!
you can port forward and retry Auth password
1 Like
rooted
You are going too far with port forwarding. While it can indeed be done with port forwarding, there is an executable that you can run with high privileges to gain root access.
2 Likes
1 Like
Can you help with foothold?
Can someone help with nudges on foothold ?
enumeration of directoris
Ive done that and found the CVE but im tryna see what im doing wrong with the CVE.
Who actually tracks down write-ups on activate machines that are publicly accessible?