Official Zipping Discussion

same here

Just owned the box. Feel free to PM me if you need a nudge :slight_smile:.

1 Like

Hi, is the zip upload technique the right way to deal with the box to get the user shell?

Can anyone give me a hint, I’ve tried literally everything!

My drone/home/rektsu/.config/ is missing libcounter.so, and stock does not have this call. What should I do?

Think about if you could exploit your way with some SHARED thing and build it your own now that you find that something is missing… :slight_smile:

I didn’t find my way to RCE through the upload. I’ve tried litterally evrything on the upload part. But nothing worked. The only thing I got is a kind of LFI, I can read the content of files that the user r have the read permissions on! Is the upload thing a rabbit hole? Can I have a little hint??
(I got the user flag, by reading it, i dont think it’s the appropriate way!)

1 Like

PM me.

Finally, finally, rooooooooted!!!
This box was a bit difficult for me, but it was crazy fun!!!
Thanks to the box’s creator and the advice in this thread!!!

1 Like

exactly the same with me

Think about what else can U do with the MySQL, also is there any way to connect the first vuln with this

1 Like

Hello, i have been trying the intrusion on this machine for 1 week and still don’t get it, i would appreciate if someone could help me. Thanks:)

i have got the user flag using lfi but couldnt get into the machine any tip regarding that

bro tell me how to get reverse shell i tried zip method but didnt work

Upload vector is a bust.
Anyone have a directtion or hint we could go in?
Fuzzing yields no results.

I found the SQLI but now I’m stuck and can’t get a shell. Could someone DM me a hint?

any chance of a nudge to the proper sqli. I cant find it for the life of me.

im stuck in the same place. tested LFI. sqli, upload vector with zip slip and get nothing

1 Like

Soooo… Am I supposed to bypass the preg_match regex to perform sqli or is that a dead end ? I’ve tried at it for a few days now, no success… :wink:

same here, i got the user flag but i don’t know how to get into the system. I’ve tried to bypass preg_match but no solution. PM me if you want to work together.