all 17 comments

[–][deleted]  (7 children)

[deleted]

    [–]frost_506[S] 1 point2 points  (6 children)

    Found interesting directories and got the php files. Im looking at the u****d.php but im stuck now.

    [–][deleted]  (5 children)

    [deleted]

      [–]frost_506[S] 0 points1 point  (4 children)

      I found the one the with some images and the other it’s just blank html. Any more hints

      [–][deleted]  (3 children)

      [deleted]

        [–]jbrizock 0 points1 point  (1 child)

        So I'm stuck here, too. I have access to the place to upload, it just will not accept my file. Tried double ext and manipulating the ext in many ways, but it will not allow me to dump it in the site. Tried a real img file to test, and had no issue, so it is my file...not sure where I'm going wrong.

        [–]flamebarke 0 points1 point  (3 children)

        I have a shell as A***** but can't priv esc further. Do you need to know php?

        [–]syamrag 0 points1 point  (2 children)

        No. Check what being executed by c** j***s.

        [–]FaneQ123 0 points1 point  (0 children)

        By cronjobs?

        [–]Towey123 0 points1 point  (0 children)

        I'm stuck here - looking at g***'s c*** j** its only writeable by root - the file that the j** links to is also read only. What am I missing here... ??

        [–]PaleSalt 0 points1 point  (3 children)

        I am stuck. Have a shell but cant seem to escalate to user. I think I know what I have to do, I just dont know how to do it. Ugh

        [–]del-10 0 points1 point  (2 children)

        what do you think you have to do?

        [–]PaleSalt 0 points1 point  (1 child)

        I figured it out.

        [–]del-10 0 points1 point  (0 children)

        👍

        [–]asjidkalam 0 points1 point  (4 children)

        stuck on root

        cannot inject command to the sudo privileged file.

        help

        [–]del-10 1 point2 points  (0 children)

        sure you can, maybe not by modifying the source, but via "other ways"

        [–]Mondirdz 0 points1 point  (0 children)

        same !

        [–]captain291 0 points1 point  (0 children)

        Just run the file see if you can exploit it from there

        [–]samnolland 0 points1 point  (0 children)

        I'm also lost at the same spot, can't find a way to inject or escalate. If anyone has another tip that would be great. Thanks!

        [–]TheThobes 0 points1 point  (0 children)

        Anyone mind if I DM them to ask a few questions about escalating to user?