If your python http server gives 404 on files which you definitely have - consider switching to apache with proxy.py.
Quite annoying but still interesting machine that seeks a lot of steps to complete. Msg me if you get stuck
I’m stuck. I have the S**P credentials from the site, and I’m able to login and upload as I wish, but I can’t seem to run anything beyond the HTML page. I’ve tried all the options in the help menu, but none seem to make any difference on wither the site or S****P.
I know there is an admin page at a higher port, and I’ll need to do some S** tunneling to get to it. but When I try it gives me "This service allows s**p connections only.
What am I missing?
Type your comment> @TheZeroCode said:
I’m stuck. I have the S**P credentials from the site, and I’m able to login and upload as I wish, but I can’t seem to run anything beyond the HTML page. I’ve tried all the options in the help menu, but none seem to make any difference on wither the site or S****P.
I know there is an admin page at a higher port, and I’ll need to do some S** tunneling to get to it. but When I try it gives me "This service allows s**p connections only.
What am I missing?
Your next step is kinda L-ook F-or I-nformation like. Search for the right symbol to the right directory.
Edit: posted in wrong thread
This is one of the best privescs I’ve seen in my life. This box took many days for me to root but it was totally worth it.
PM For hints 
Hi All,
anyone able to help me with root? Pretty sure I have found the correct attack vector. Just a bit stuck on where to go with it.
Thanks
I could really use a hand with the upload portion. I’ve reviewed the scripts, and I’m pretty sure I know what I have to do to get my own plugin uploaded. I’m just stuck on how to format the request via B**** S****.
I am getting very angry with the attack vector to get the root flag, I cannot make it work!!!
Hey all.
I finally got root. This is probably the hardest box I’ve done.
This is the first box that I’ve asked people for help and I just want to say that the community has been great. helpful and patient.
I want to thank @avetamine for help getting the upload and @AzAxIaL for help with getting root.
Thanks for a great forum.
Hello guys when i do the port forwarding all pages are blank. What am i doing wrong can someone give me a nudge. TY
Anyone PM a hint, stuck at s**p, trying to l*nk local dirs, just getting a bunch of 403s
I need some help with Initial Foothold. All I get is failure messages. Can any one give me nudge?
edit: After posting this message I found something.
edit2: Stuck with root. I figured out something about a**-g** but need some help here.
edit3: Got root. It was a real challenge. I think this machine is harder than “Fortune”.
got user.txt now looking for root… help me for that
I am stuck on the “File uploaded successfull.y” part. If someone could PM me and give me a nudge in the right direction I would greatly appreciate it.
Anyone able to give me a push in right direction?
I can access the high port but need to login there… no creds found for that 
assume something to do with initial foothold but looked at all commands I have there but don’t seem to able to grasp hold on anything
Update: managed to get passed that one… now fun with the upload…
trying to s**p in with creds on the site however, i get password incorrect…what? am i doing something wrong?
EDIT: nvm got in but seems to hang a lot 
fail2ban banned me so i used a SOCKS proxy and now the password for s**p is wrong??? what? please PM me
Hi, I’m looking for a poke in the right direction as I’m stuck. I’ve tunneled through S***S (and even tried doing it twice to/through the host, hoping that it’d show up as a connection from localhost and let me in), but I keep getting 403 on the high port.
I’ve found the credentials in the S*P file. I haven’t been able to get a shell or user.txt at this point, but assume it’s because I need to get to the high port first. Can someone help me out please?