Got user txt
I am stuck at user, I managed to read /e**/p***** using the sfp connection, I found the location of user.txt, yet I struggle to see the bigger picture… the user.txt located inside -y**Q’s home folder is unreadable, but even if I was able to read it I would still have no shell… should I search for this guy’s password elsewhere? Is the highport service needed at this point? Totally lost…
Type your comment> @Maxpnl said:
I am stuck at user, I managed to read /e**/p***** using the sfp connection, I found the location of user.txt, yet I struggle to see the bigger picture… the user.txt located inside -y**Q’s home folder is unreadable, but even if I was able to read it I would still have no shell… should I search for this guy’s password elsewhere? Is the highport service needed at this point? Totally lost…
offcourse highport is there for for a reason … to help you get high 
EDIT: rooted
Thanks @ZerkerEOD
I was finally able to get root with the help of @dividebyzer0, Send me a PM if you have any questions!
root@onetwoseven:~# id
uid=0(root) gid=0(root) groups=0(root)
Don’t hesitate to PM for some help!
can anyone PM me what to do with RewriteEngine … i’m stuck there … any helps.
do we need to get php execute to get user? can anyone PM for hints??
Finally rooted! My lord, what a ride! Awesome box! Learnt a lot of things.
Thanks to @kekra and @dreamerscoffee for some debugging issues
got user & shell, going for some root 
pm me if you need any help.
Rooted at last! And the process on rooting the box was very fun! Thank you very much @jkr for the nice box!
If anyone need some nudge feel free to PM
Can anybody help me in figuring out the file which we are requesting from a-g.
I rooted this machine a few days ago and had to post something to the maker. This was the most fun I have had on a machine yet. Good work JKR!!!
Can someone follow my reasoning in private about root and give me a little nudge with the latest step? (I really mean the latest step possible)
any help guys for root I know is by apt but how to do that and what tools need ?
Wow what a machine, golf applause. What a journey, it was like a good wine it got better over the time you struggle to get root.
Here are some hints/comments
1 - Cloudfare is not the option… jaja.
2 - sftp runs over ssh, check the flags of the underlying communication layer.
3 - Some of the restrictions to upload files resides on how the requests are sent, not how are decoded by the backend
4 - Be carefull with proxies, if you see more than one package to update that means the server is leaking to the internet. (if happened better reset)
Bravo!.
@k4ct0 said:
3 - Some of the restrictions to upload files resides on how the requests are sent, not how are decoded by the backend
Firstly, I tried it with developer tools, than with curl (POST/PUT) with multiple paths etc and it doesn’t work. Where should I direct my analysis to ? I’m exhausted …
Thanks for the comment!
Can anyone PM me a hint for location of uploaded addons? I’m getting success message, but can’t find uploaded files anywhere on the server (with any file extension and type).
Type your comment> @4d4c said:
Can anyone PM me a hint for location of uploaded addons? I’m getting success message, but can’t find uploaded files anywhere on the server (with any file extension and type).
Hi all!
Got user.txt but don’t know what are my next steps. Could anyone help me?
Found admin page, but unable to find creds for it. Also tried to get access to /v**/w**/h*** but no chance to see directory structure. Tried to guess smth inside it but no success. Uploading .php shell through s*** doesn’t work
EDIT: if you get a redirect all time try to clean a cache of a browser