Scavenger

agr0 · October 13, 2019, 7:39pm

Rooted. What a ride. I really enjoyed this box. Did anyone manage to get a fully interactive TTY? If so, teach me! Mold me!

zard · October 14, 2019, 12:03pm

Finally … what a ride. Thanks @agr0

t3rm1nal · October 16, 2019, 12:08am

Need a nudge for root lads. DM me, TY!

asifabid · October 17, 2019, 3:11pm

Type your comment> @t3rm1nal said:

Need a nudge for root lads. DM me, TY!

@t3rm1nal said:
Need a nudge for root lads. DM me, TY!

if you find any help please do help me too …

WayneJLee · October 18, 2019, 7:11pm

Criminally underrated box IMO. Well done to the author.

Korlash · October 22, 2019, 4:04am

Excellent challenge, certainly pushed the tools and methodology having so many paths to look at. Hat tip to @vGsec for the nudge and helping me keep consistent. Nice box all around @mpamo.

joakim · October 27, 2019, 9:46am

Nvm: got it

Parsons · October 30, 2019, 6:39pm

Simply, awesome. What a ride. Thanks so much for this box @mpamo.

joshibeast · October 30, 2019, 8:02pm

Could someone give me a nudge for user.
I’m attacking a specific service but I’m failing to create a valid payload.

blink3r · November 5, 2019, 3:29am

R0oT3d!
One of the best boxes so far.
Thanks to the creator.

joshibeast · November 6, 2019, 8:53pm

Stuck at getting something out of the above-mentioned “bug”.
Any nudge would be appreciated.
Enum is not going anywhere or I’m going it wrong.
Same thing is with the rce.

Werebug · November 8, 2019, 12:51pm

I’m also stuck at m****s. I can log in and I also see a very suspicious file in the document root, but can’t find a parameter for it… any help? I tried bruteforcing the parameter, tried a few common ones, different http methods… what do I miss?

And I can’t find a way to read that file to see how it works, nor to upload a similar file of mine.

twelve21 · November 8, 2019, 3:48pm

Great box. I about lost my sanity in a couple of places. Thanks for the whirlwind of an experience, @ompamo!

baubau · November 9, 2019, 9:26pm

i sh***.php r-hole and if not do i have to guess the params?

christrc · November 10, 2019, 8:20am

Enumeration is very slow (20 reqs/s) with dirbuster

p3tj3v · November 11, 2019, 12:57pm

I need a small nudge for root…
so I have all the various files, got user.txt…
found some interesting things in the incident files.
Also found some articles talking about the compiled file…but struggling to connect the dots…

Update: so after some fighting finally manged to get this resolved thanks to the ppl assisting

Adam2019 · November 23, 2019, 2:54pm

Got root! message me for help

v01t4ic · November 29, 2019, 9:36am

Hey all! For root part Should I brutforce the magic or just try other ways of execution?
Would highly appreciate a nudge here.

nvm, above is nonsense and i was dumb… rooted! thanks @ompamo, I’ve learned my lessons

hanter · November 30, 2019, 4:57pm

hi help move on
I enumerate and found.
twg and pco

vhost
www.super***hosting.htb/

there are 2 more but I don’t know what to do.

q1Z · December 2, 2019, 2:14pm

Why admin interface is soooo slooooowww…?

Topic		Replies	Views
Kryptos Machines	109	13160	September 20, 2019
Ellingson Machines	435	59734	October 17, 2019
Haystack Machines	684	102746	February 26, 2024
Unattended Machines	194	25585	August 22, 2019
Endgame Machines	36	6523	May 19, 2022

Scavenger

Related topics