Official Zipping Discussion

help me bro.
Is sqli a right path?
I found sqli vector and enumerated the database, but I didn’t find anything interesting.

same here

Just owned the box. Feel free to PM me if you need a nudge :slight_smile:.

Hi, is the zip upload technique the right way to deal with the box to get the user shell?

Can anyone give me a hint, I’ve tried literally everything!

My drone/home/rektsu/.config/ is missing, and stock does not have this call. What should I do?

Think about if you could exploit your way with some SHARED thing and build it your own now that you find that something is missing… :slight_smile:

I didn’t find my way to RCE through the upload. I’ve tried litterally evrything on the upload part. But nothing worked. The only thing I got is a kind of LFI, I can read the content of files that the user r have the read permissions on! Is the upload thing a rabbit hole? Can I have a little hint??
(I got the user flag, by reading it, i dont think it’s the appropriate way!)

PM me.

Hello, can you help me please ?

I am stuck in file upload:

Hey, if anyone can help out I have been trying to gain initial foothold? I believe the way I found out is the way that was already patched. Please DM me I just have a few questions