Man, this lab was really something new. I tried my best initially, and when I was not able to proceed, I watched the video, and when I thought I got a hint, I stopped and proceeded. This lab's shell is really stupid. What the hell is this:) Thank you, Tyler. I learned some ways on how to proceed in the labs and not give up
I got very lucky with the credential guessing and got it on my second go. I googled the specific version of concrete5 and I found an article that said something about default credentials being admin admin so I started admin and guessed password. I did however get full stopped on priv esc before even getting toad so props to you im sending a sub
Great stuff! I just did this room, and I completely agree with the login. If you don't mind could you explain why you had the idea to run pspy? Is there any particular thing you saw that made you think of it, or did you exhaust all other options? Is pspy something you generally run? I haven't seen it before, so I'm just trying to understand the reasoning. Thanks for the great content!
Hello, I think the whole problem about showing the files with CAT is coming from the suid bit on Toad maybe Because by using the LESS command it works without permission errors. Also by removing the suid bit on /bin/cat with root permission afterward, we can use cat to show any file without problems
@@TylerRamsbey thats what I meant... your right weak password i guess we would say.... that was an interesting box to say the least.. I dont understand the flags and why cp /tmp/flag is necessarry... bizarre mario word
@TylerRamsbey This walk-through is really informative and I've learned my things from it. I got a problem where I'm not able to byPass the IP ban using the header X-Forwarded-For:. I've tried using different header, but nothing worked for me.
