# Oopsie

## Initial Scan

```bash
sudo nmap -T4 -Pn -sV -sC -v 10.129.95.191 -oA Oopsie
```

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FMk3dCpq0P4BinLCO8KpJ%2Fimage.png?alt=media&#x26;token=9318ced7-490d-4e00-bf12-40963afd7731" alt=""><figcaption></figcaption></figure>

## Task 1

What kind of tool can intercept web traffic?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2F5X7JzyXjaXEERZFctS0W%2Fimage.png?alt=media&#x26;token=b923d702-db7e-4873-8622-5bc2be7b546f" alt=""><figcaption></figcaption></figure>

Answer: Proxy

## Task 2

What is the path to the directory on the webserver that returns a login page?

Answer: /cdn-cgi/login

## Task 3

What can be modified in Firefox to get access to the upload page?

Answer: Cookie

## Task 4

What is the access ID of the admin user?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2F0Cd1ZDrP7iYy6jkwRLIw%2Fimage.png?alt=media&#x26;token=f2c5a5a5-1d50-4d1c-808a-64d38b3fdcee" alt=""><figcaption></figcaption></figure>

Answer: 34322

## Task 5

On uploading a file, what directory does that file appear in on the server?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FNK1f0FnFvOF3T1bTgABR%2Fimage.png?alt=media&#x26;token=ef2aad1c-09e0-41db-b1d0-b43fac273ba2" alt=""><figcaption></figcaption></figure>

Answer: /uploads/

## Task 6

What is the file that contains the password that is shared with the robert user?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2Fqy2TbhXB6foWHa4YOIV5%2Fimage.png?alt=media&#x26;token=5978916c-26d6-464e-8299-ae4611ddad50" alt=""><figcaption></figcaption></figure>

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FUojtWQnSIrcf273Q9qZC%2Fimage.png?alt=media&#x26;token=edcd11f2-cdcc-46dc-afd0-e3cc591abd10" alt=""><figcaption></figcaption></figure>

Upgrade to a functional shell:

```bash
python3 -c 'import pty;pty.spawn("/bin/bash")'
```

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FiMTO9LP1yQmJaJ1WUgkm%2Fimage.png?alt=media&#x26;token=840f6ba4-69d9-4671-80d0-d3f97ce8ecb0" alt=""><figcaption></figcaption></figure>

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FRxBuE1OS9YuyVDbjE1zM%2Fimage.png?alt=media&#x26;token=bd4e538f-60bc-409c-9415-5cbe51b92624" alt=""><figcaption></figcaption></figure>

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FmKTiv4vnBY32E1OZVyTH%2Fimage.png?alt=media&#x26;token=6e09ec60-397e-47bf-8767-6d4e988ec6f4" alt=""><figcaption></figcaption></figure>

Answer: db.php

## Task 7

What executable is run with the option "-group bugtracker" to identify all files owned by the bugtracker group?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FWrAqPDrzAjH90Aa2mNqw%2Fimage.png?alt=media&#x26;token=3d26b037-921a-412c-835e-05a117c56e04" alt=""><figcaption></figcaption></figure>

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FbClJ9uFc8KEZmwGZjKVq%2Fimage.png?alt=media&#x26;token=c6d319cc-9519-4123-99c0-48085f2e77a7" alt=""><figcaption></figcaption></figure>

Answer: find

## Task 8

Regardless of which user starts running the bugtracker executable, what user privileges will it use to run?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FzMg5IC8lKmwfhiQgXMol%2Fimage.png?alt=media&#x26;token=21de7dfb-9c79-494f-86be-e3d6f0161e89" alt=""><figcaption></figcaption></figure>

Answer: root

## Task 9

What does SUID stand for?

Answer: Set owner User ID

## Task 10

What is the name of the executable being called in an insecure manner?

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FPqnZoiXq2QmtlVS6iFka%2Fimage.png?alt=media&#x26;token=00848c82-5c74-4b15-b8b7-5b20d2420c17" alt=""><figcaption></figcaption></figure>

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FtsV0pGCnKDxDzoXrD73r%2Fimage.png?alt=media&#x26;token=563f71f9-1b77-4ead-9382-b44bdfb0976e" alt=""><figcaption></figcaption></figure>

Answer: cat
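A SUID-root program that runs `cat` by bare name through a shell lets the caller's environment decide which program runs and how the argument is parsed. The sketch below is an added example, not the bugtracker source or code from the original page: it shows the hardened alternative, where the helper validates the ID and reads the file itself instead of spawning anything. The report directory, function names and ID format are assumptions.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical report location; the real binary's path is not on the page. */
#define REPORT_DIR "/var/lib/bugtracker/reports"

/* Insecure pattern, shown for contrast only (not compiled):
 *   snprintf(cmd, sizeof cmd, "cat %s/%s", REPORT_DIR, id);
 *   system(cmd);  // bare "cat" is looked up via the caller's PATH,
 *                 // and id is interpreted by /bin/sh
 */

/* Accept only short, purely numeric IDs: no '/', "..", spaces or
 * shell metacharacters can get through. Returns 1 if valid, else 0. */
int valid_report_id(const char *id) {
    size_t n = id ? strlen(id) : 0;
    if (n == 0 || n > 8) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isdigit((unsigned char)id[i])) return 0;
    return 1;
}

/* Read report `id` from `dir` into buf without running any external
 * program. Returns bytes read, or -1 on rejected input or I/O error. */
long read_report(const char *dir, const char *id, char *buf, size_t cap) {
    char path[256];
    if (!dir || !buf || cap == 0 || !valid_report_id(id)) return -1;
    int len = snprintf(path, sizeof path, "%s/%s", dir, id);
    if (len < 0 || (size_t)len >= sizeof path) return -1;
    FILE *f = fopen(path, "rb");
    if (!f) return -1;
    size_t got = fread(buf, 1, cap - 1, f);
    int failed = ferror(f);
    fclose(f);
    if (failed) return -1;
    buf[got] = '\0';
    return (long)got;
}

int main(int argc, char **argv) {
    char buf[4096];
    if (argc != 2 || read_report(REPORT_DIR, argv[1], buf, sizeof buf) < 0) {
        fputs("usage: report <numeric-id>\n", stderr);
        return 1;
    }
    fputs(buf, stdout);
    return 0;
}
```

If spawning a helper is unavoidable, call it by absolute path with `execve` and an explicit minimal environment rather than `system()`, and drop the SUID bit if the task does not need root.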

## Task 11

Submit User Flag

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FpQP7R1Q6g41g6J0QZSVN%2Fimage.png?alt=media&#x26;token=3bf16386-f743-43c5-8d33-eeeb8c787332" alt=""><figcaption></figcaption></figure>

Answer: f2c74ee8db7983851ab2a96a44eb7981

## Task 12

Submit Root Flag

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2F7MeimRuitRRcUOnJGzVi%2Fimage.png?alt=media&#x26;token=68073522-4dfe-48e3-ae15-1f615b6dab64" alt=""><figcaption></figcaption></figure>

<figure><img src="https://667808901-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FTdW22AGCceN8oUXfdlKI%2Fuploads%2FjaCkYdAJGMyoMUw0pllp%2Fimage.png?alt=media&#x26;token=24686b1a-fc3b-4cbf-9855-d1fa40dc9aea" alt=""><figcaption></figcaption></figure>

Answer: af13b0bee69f8a877c3faf667f7beacf
