• Wow, Postman had me stumped! I could not figure out some small details (which have been discussed in this thread enough, I guess), so it took me ages to get the initial foothold. Once I got that, the rest was feeling somewhat...too easy, I guess.

    I still have no idea how to get the user flag, as I went straight from initial to root.

    If anyone wants to show me how they did it, please tell me in a PM, I'm curious. I'll send you the point where I got stuck if you want. I think there's something in there I can learn!

    Initial: Learned a lot about a thing that I have used only once before, that was new, thanks!
    User: Still no clue!
    Root: Quite easy after you figure out that someone was a bit careless about conserving...

    Thanks to @TheCyberGeek for making this box. Despite the frustration I felt, I learned something and that's why I'm here :)

  • Fun little box, thanks @TheCyberGeek! This was only my second (active) box and I was somewhat surprised to see that I could immediately reuse some of the things I learnt on OpenAdmin :)
    Shoutout to @5H3LLKiller and @mohabaks for helping me get over that john "hurdle" I completely brainfarted on ... :sweat_smile:
    Does anyone know whether there's a way to root without m********t?

  • edited March 2020

    @hellsheep, take a look at the sshd_conf file and I believe you will know why you can't SSH in at M***


  • I found the r**** tut on packetstorm, but the article assumes I know the username of the account in which to drop my key. How do I find that out? I already get a permission denied trying to change to the /home directory.

  • Im not sure what i did wrong with nmap but i was not able to find r***s-cli but im all good now.

  • Hello everyone
    i am stuck
    i put the key from ***.bk to ssh2john and then put jtr to work using rockyou wordlist
    no password found
    need a hint

  • I'm running the scanner to find says found after everyone. R**** Login. I can't get the initial foothold.

  • Rooted. Time to get foothold was apparently not well spent. PM for a nudge.
    Thanks @TheCyberGeek !

  • I'm new to this. I entered using r****-c** and another usual tool but I'm lost when I try to change users. Can you PM for a hint?


  • Rooted :) An easy machine for the ones that've done enough linux machines. Learned new things too !!
    PM if anyone needs some help.

  • Hi!

    System owned! Fun box!

  • Is the r**** service down for anyone else? I'm noticing I'm unable to do a full nmap scan on the box and when i try to use the r****-c** tool to connect to that service, it just hangs. I reset the box, but still seeing the same behavior.

  • System owned...

    Thanks to who pm me with hints


  • Hi Forum, I'm facing a very weird issue...I am unable to access the port 10000 via the webrowser

    When i try to access it via HTTP, i get a redirect URL to the https link. However, on clicking that link, i get an error saying "We can't connect to the server at postman". Has anyone else faced this issue too? Any help here would be great!


Sign In to comment.