Forum Discussion
domel44
Bronze II
2 months agoAdvanced CTF Challenge: Hardened Maze
Hi Team,
I found file upload options on one port but get information:
"For authorized personnel: Upload a critical security patch."
I tried with many extension with curl and POST method with -F "exe_file=@filename"
Unfortunately, it does not accept any of my combinations.
You can give us some clue as to how to approach this ๐
Try fodhelper again manually.
9 Replies
- autom8on
Silver I
You might want to look here... List of Executable File Extensions - Windows - Aerorock ;-)
- domel44
Bronze II
Thanks - i got reverse shell to the windows host but cannot find the way to escalate privileges to view token because host is in WORKGROUP not domain member...
- NIETOM
Bronze II
domel44โ - Enumerate your user carefully and the groups he belongs to and why he's part of those groups. Remember the box is "hardened".