Is the box supposed to show a 503 right off the bat? I would assume it’s supposedly “misconfigured”
I guess the box is down at the moment. Can’t play anymore in the admin control panel
Yup now tired with getting 503 and Playing.
Going to bed
Legit easiest root ever, took me about a minute
rooted … very easy and straightforward box
User took a couple hours cause people feel the need to put their backdoors on the index.php
and hose the box in the process, causing a reset every few minutes. I hate you if you did that. Just sayin.
Got a shell, ran Linux Smart Enum and popped root in about two minutes. Waaaaaaaaaay too easy, IMO.
Decent box, though. Just wish people (even on VIP) would quit ruining it for everyone around them.
Anyone have an idea, why the script always ends with “DID NOT WORK” ?
Rooted. Cool machine
Easy root )Thx for box! ) Love it
Any hint on how to decrypt the M****** password?
Any hint what to do after login into m*****o as admin?
got a admin account but now after the thousands of resets the exploit isnt working anymore, does anyone know why?
Any nudges for user?
user > google is your friend for a shell although it took me a while to find the right exploit. Theres an old school video game that might help.
My only complaint is we are in 2019 we shoudn’t really be ctfing a box with a 4 year plus vuln when there is a pretty decent exploit just released.
I understand this was done for simplicity reasons but considering the vuln you used is mad old and what not threw me off and honestly i didn’t even do the box when i seen this than a friend came on and i helped him not sure why but this aspect really aggravated me either way thanks creator just my 2 sense.
Hey all, completely new and this is my second box. I have a pretty good idea of what I am supposed to do but I am completely lost as to how to leverage the vulnerability in the web page. Any hints would be appreciated.
Type your comment> @PavelKCZ said:
Anyone have an idea, why the script always ends with “DID NOT WORK” ?
wrong exploit, contains path that doesn’t exist
Type your comment> @p1azm0id said:
Type your comment> @PavelKCZ said:
Anyone have an idea, why the script always ends with “DID NOT WORK” ?
wrong exploit, contains path that doesn’t exist
comment is extremely misleading I would say
Type your comment> @halfluke said:
Type your comment> @p1azm0id said:
Type your comment> @PavelKCZ said:
Anyone have an idea, why the script always ends with “DID NOT WORK” ?
wrong exploit, contains path that doesn’t existcomment is extremely misleading I would say
I don’t understand why the exploit isn’t working. Infact I’ve tried a couple.
Could we get a hint please.
I got a username and password and i logged in somewhere, but I am stuck and I don’t know where to go from here.