Traceback

febinrev · March 15, 2020, 9:09am

Spoiler Removed

GPLO · March 15, 2020, 9:35am

Very easy but enjoyable nonetheless

masquerad3r · March 15, 2020, 9:35am

And rooted !!!

Fun little box, really enjoyed this easy but interesting ride

My hints:
FOOTHOLD: OSINT, look about the author’s goto choice in backdoor
USER: The thing lies right in front, just learn the basics and exploit
ROOT: Look at the processes and don’t miss out on your permissions

Feel free to DM if you are stuck !!!

evspanin · March 15, 2020, 9:38am

got user flag, easy

MariaB · March 15, 2020, 10:18am

PLEASE stop resetting the box, Just read carefully the html.
No need to reset the box .
After you read carefully ,you will find the answer for the webshell

A1I3N · March 15, 2020, 10:37am

this box is so laggy and show me the connection time out message everytime :neutral:

l10NH3aR7 · March 15, 2020, 11:22am

Hello All,

I’m working on privilege escalation and found some interesting F***s but did not get any clue. I am stuck. anyone can help me ?

Thanks in Advance

argenestel · March 15, 2020, 11:24am

I am doing osint but no progress what to search

l10NH3aR7 · March 15, 2020, 11:27am

Type your comment> @s1lv3rst4r said:

I am doing osint but no progress what to search

Hello mate,

I would like to suggest you to think about all common webshell names .

enjoye.

Big7asty · March 15, 2020, 11:36am

Really enjoying this box, never touched L** language but keen to learn

MariaB · March 15, 2020, 12:31pm

I got user.txt and was able to switch between the users ,But seriously people are resetting the box and overwriting things all the time

akenofu · March 15, 2020, 12:36pm

The resets are making this more painful than it needs to be OSINT Bois no resets plz

MariaB · March 15, 2020, 12:51pm

Yes it is terrible i had to redo everything 1000 times .

R3s7D0ne · March 15, 2020, 12:52pm

whoami

whoami
root

It is a really easy one for VIP users. Please use “>>” to stop disturbing others.
Feel free to PM if you want hints. But I think is a box is easy that needs not.

Thanks @Xh4H for this box. THEY seem interesting. =D

ac884b · March 15, 2020, 1:27pm

fun box

User1: this is CTF part - look at the source and think , quick googling will give you some options, one should work. Once you are in make yourself comfortable by accessing by the “front door”.
User2: lazy admins leaving messages here and there quick look at what could you run and looking at some syntax for a scripting language(if you are not familiar) will be beneficial.
Root: basic enum should make you aware of whats going on and google will help for an idea how to trigger it.

Rajackar · March 15, 2020, 1:32pm

Sometimes the binary and note that are supposed to be there get deleted by some joker.
If you’re stuck on user you might want to reset the box.

Mahi452 · March 15, 2020, 1:34pm

Type your comment> @HumanFlyBzzzz said:

■■■■■■■, that backdoor is so sexy, i’d like to buy it dinner and then take it back to my place

hahaha

comradecereal · March 15, 2020, 2:01pm

Very good box, I recommend this for beginners as its very straight forward. I also learnt something new which is a plus… Looking forward to the next box Xh4H!

spowlay · March 15, 2020, 2:14pm

I guess I’m not very good at OSINT, not getting anywhere. Anyone ping me in the right direction plz

th3jiv3r · March 15, 2020, 2:23pm

Initial: OSINT and Google will lead the way back

User: Enumerate and look carefully for the clue on the box

Root: Enumerate! A spy will help you, but while you wait you have to be fast.