Official Zipping Discussion

If anyone is lost in this machine after user flag, PM me, i’m open to collaboration

1 Like

Hi, I am poking at the system through different vectors but stuck trying to get foothold. Anyone around to discuss where I am at?

I have the same problem, I cant do the foothold.

Tip that helped me when I got stuck getting foothold: When you have enough information about the environment, try to replicate it locally to test your exploits. Errors have valuable information.

I too have been stuck on getting foothold. I was able to get user flag by using the upload vulnerability, but I am not sure where to go from here. If anyone has any hints or suggestions please let me know.

I feel like the machine is broken.
I found an interesting binary to exploit but it doesn’t seem to work properly.
Can someone that already flagged it try it again and tell me?

Ps: owned user trying to get root flag

I’m stucked, I found the Path Traversal, also the custom SQLi. With the 1º vulnerability I found user flag, but with the second one, even if I can get database information, I am not able to retrieve any valuable information or to write a file. Any ideas?

Guys, I finally got root flag. It took me 3 days but finally I got it. If you need a tip let me know.

Im stuck with getting the shell.
i get the connection but it says ambiguous redirect !!
any help please ?