Official Shoppy Discussion

Official discussion thread for Shoppy. Please do not post any spoilers or big hints.

Rooted the machine. Figuring out what is running is the biggest hurdle for this box. Then the box has a straight-forward path to root.

Rooted! This is one of the great machines to learn a new ***1nj3ct10n technique.

Rooted. Pretty straightforward box.

To be exact, *****1nj3ct10n

A small hint: try enumerating with different wordlists.

Actually a useful one :slight_smile:

The foothold was kinda confusing

Well… just be patient and check twice :wink:

Found the login page but I have tried every payload/encoding or WAF bypass under the sun and it still just hangs. Am I in the wrong area or missing a step?

Is there expected behavior when you try to inject? What types of databases do you know? Try to use what is in shadow, not only under the sun :slight_smile:

Soo… this is one of my first ones. I hit it with hydra and dirbuster; is that the right direction?

Rooted! It is a very interesting and straightforward box!

Hi,
noob here. Can anyone help me get a foothold? I've found the hidden dir m…m… but can't access it. I'm thinking there is some SQLi here but don't know what to do. Can someone please help?
Thanks in advance

This was a nice machine… in my opinion there are actually 2 hard things about it.

  1. Figure out what is running
  2. Discovering where you can use the juicy info (I ran this kind of scan just as a last resort… after I started banging my head over what I was maybe missing… lesson learned: always do all kinds of enumeration and don't assume anything :smiley: )

If anyone gets stuck, just send me a PM

Can someone help me with rooting this machine? I am new to this.

Bro, can you help with what to do? I am new to new

Yep just ping me on a DM

  1. Foothold
    → Enumerate deeply what is given first hand.
    → Do not get stuck on a single type for bypass.
  2. Deep enumeration & bypass gives way to user shell.
  3. Just follow what the user is allowed to do.

Was there a way to figure out the bypass without doing trial and error for 4 hours? All the other steps for this box were like 1 minute each.