Official Zipping Discussion

Finally rooted. There were couple of new interesting things. Thanks to @0zcool and @byf1sh for help!

2 Likes

Still need help? Send me a DM if so.

I got a shell several times on this machine, and then it stopped working, and I can’t use the same exploit I used again. Anyone have this happen?

I am facing the same issue from yesterday onwards. I got the user shell and planned to go for the root later. Now I am unable to exploit using the same method.

ah, love it when a ctf task or a box is just “fixed” after a thousand people have solved it :sweat_smile:

2 Likes

Can u help me with shell? I cant upload my php file with bypass

Anyone free to give a little hint on how to get the shell ? :slight_smile:

Thanks in advance

i need help, please i’m not getting a reverse shell
it is throwing a 404 when i try to acces the uploaded content thru the link it gave

anybody?
i need a nudge

I can help. DM me with what you have.

DM me with what you’ve tried and i can try to help

still needing help

I got user shell after some tries, but now I redoing the same exploit but not working!?
was the box changed or what !?
it’s so weird,

happened to me as well
something changed in this box

Hi to all, I found a valid way to the initial intended way for this machine, but I don’t know why the last part of my payload works hahaha, somebody can explain me? I will appreciated it on DM

Meanwhile: ** For thus stuck in some strange change, looks like this machine “change somepart of famous /shell to win/ initial easy way” , consider exploring another pieces of code using machine name vector and remember, If there is a control to mitigate a code that could be potential vulnerable, probably there is a way to check around and win … Hack Tricks PREG you to be a friend, find a way to MATCH for a relationship.

anyone online?i need some help

same.

I have tried doing many variations of the exploit and I keep getting Not Found, has it been patched or am I doing something wrong? please help.

In case if you are wondering why are you getting 404 not found, they have patched it… you can’t drop files now… you have to figure out the intended way which is also so easy to figure out…

1 Like

Finally can do it.
Initial Foothold and user:
-Found zip vector, hacktricks talk about that.
-Read all code you can, if you think a control works fine, search about how bypass.
-Don’t overthink, keep it simple a probe simple payloads for new vulnerabilities.
-Search common paths writable for all, review your own filesystem, Linpeas said you a lot of time in other machines.
-If you want to get some file and execute, think how application original logic make it this possible.
-check two times chars in all payloads, sometimes changing a little quote can generate a false sense of exploitation.
Root: search for tools that get you information about this file. if you need some secret, remember classic techniques on CTF file analysis. And …: “if a girl doesn’t looks for you, HIJACK his SHARED cat”

2 Likes