User: Think logically, hard to explain what I mean by this without spoiling. Once you've read the file everyone is talking about, go back to the home dir, what permissions exist? Something is odd. How can you be in another directory but can't view contents ? Mess around in there and refer back to the "file" and keep thinking and experimenting is all I can say. Even this is probs going to be removed might be too much spoils
Root : IDK why people are saying to minimise the screen xD You can keep a full sized screen just understand what is going on exactly on that thing you've found. Understand it phrase by phrase, command by command, the GTFObin reference will help you understand why people are emphasising the word "LESS" - and from there, keep doing more logical thinking and experiment, you'll get it. I got it by mistake lmao it was a test run and ended up being the thing that worked
As i am always having my terminal at about 1/4th of my screen i didnt experience the reason for which everyone said to not have maximized terminal.
If any1 could explain why it happens in a dm i would really appreciate it!
Finally rooted this box !
I spent many hours working on this machine over nothing literally :
Port 80 wasn't working at the begging and i thought it was intended to be closed and was really pissed when i switched server and it took me like 15 min to drop a shell
User is challenging a bit but over all worth it
Root was a big journey too the intended way should have worked but it didnt get me as it should .. and as i figured out later that the server has issues too ! need to change my shell multiple times to finnaly get it done
Over all this box is great if all works as they should be !
hints only for user : don't go out to the public staying at home is always sweet
Any how big thanks to @jkr for this awesome box
First box rooted! Was a lot of fun, wrote down all the steps for my own knowledge as well. If anyone needs help feel free to PM.
It really made me slap my head when I found how simple it was! Tricky but simple in the end. The hardest part of the box was the user flag enumeration, the answer came to me at work today and it took forever to get home to do it.
rooted. I really enjoyed this one. Getting user was pretty hard for me, but if you follow the other advice in this thread you can get there
root: Unless you've seen this trick before you are fucked imo (unless there is another way to do it, in which case someone please DM me), no idea how you'd ever figure this out without being shown. I learned it by doing all the bandit challenges on overthewire, and that was the only one I had to cheat and lookup a walkthrough for, and im glad I did, cuz I'd still be sitting there trying to figure it out, heh.
Oh God..! Got USER.. but root is hurting... Man any tips?!! lol I have read about the 'tiny' things etc. But cannot get it to bloody work. haha I need help. I cannot do everything alone.
Hi, I have got the hashed credential and found the hidden keys in the hidden folder but still can't get in as its asking for passphrase ..is there another credential ?
Hi, I have got the hashed credential and found the hidden keys in the hidden folder but still can't get in as its asking for passphrase ..is there another credential ?
Rooted, crazy machine.
My hint for root:
If your command doesn't work, try this command in another terminal(not Kali terminal)
Thanks for the hint @rholas@bertalting@htbmar
Need some help for the user. In brief, I got the creds, played around with c*** file and accessed the user's home folder over URI. I noticed that the home folder has some strange permissions too. PM please
Whoop! Just finished this machine! Enumeration is key, once again, to get the foorhold, and then Kali has all the tools you need to get from foothold -> user -> root!
Comments
Those creds aren't for SSH
Discord: Ursa#1337
Type your comment> @Huejash0le said:
I had to switch to EU VIP and could see port 80 open.
Comment Deleted
Can someone pm on root please. I see the file, I see the way to root, however everything I try just results in a normal shell not a root shell.
Good box with some easy and interesting stuff to explore, even though the connectivity was not stable
Rooted ! Fun box. It seems that you can stare blind and focus on 1 particular thing or command. After rooting this one i felt so stupid.
DM me if you need a little nudge
Interesting box
Foothold: CVE
User: Think logically, hard to explain what I mean by this without spoiling. Once you've read the file everyone is talking about, go back to the home dir, what permissions exist? Something is odd. How can you be in another directory but can't view contents ? Mess around in there and refer back to the "file" and keep thinking and experimenting is all I can say. Even this is probs going to be removed might be too much spoils
Root : IDK why people are saying to minimise the screen xD You can keep a full sized screen just understand what is going on exactly on that thing you've found. Understand it phrase by phrase, command by command, the GTFObin reference will help you understand why people are emphasising the word "LESS" - and from there, keep doing more logical thinking and experiment, you'll get it. I got it by mistake lmao it was a test run and ended up being the thing that worked
Rooted, fun box @jkr !!
A great box jkr, thank you!
As i am always having my terminal at about 1/4th of my screen i didnt experience the reason for which everyone said to not have maximized terminal.
If any1 could explain why it happens in a dm i would really appreciate it!
Finally rooted this box !
I spent many hours working on this machine over nothing literally :
Port 80 wasn't working at the begging and i thought it was intended to be closed and was really pissed when i switched server and it took me like 15 min to drop a shell
User is challenging a bit but over all worth it
Root was a big journey too the intended way should have worked but it didnt get me as it should .. and as i figured out later that the server has issues too ! need to change my shell multiple times to finnaly get it done
Over all this box is great if all works as they should be !
hints only for user : don't go out to the public staying at home is always sweet
Any how big thanks to @jkr for this awesome box
I am completely lost in regards to even getting the user flag, no clue where to go or what to do. A nudge would be appreciated.
Just rooted my first Linux box. Thanks @D3Fix , @t0thkr1s , @rholas . I learned a lot from this box thanks @jkr!
GCIH
Just got [email protected]:
Nice box! I learnt a lot.
If need help u can send me pm!
Well thats that.. I always feel sad when I finish them...
id
uid=0(root) gid=0(root) groups=0(root)
First box rooted! Was a lot of fun, wrote down all the steps for my own knowledge as well. If anyone needs help feel free to PM.
It really made me slap my head when I found how simple it was! Tricky but simple in the end. The hardest part of the box was the user flag enumeration, the answer came to me at work today and it took forever to get home to do it.
I'm stuck on user d***d. Can anyone help me? PM.. please!
rooted. I really enjoyed this one. Getting user was pretty hard for me, but if you follow the other advice in this thread you can get there
root: Unless you've seen this trick before you are fucked imo (unless there is another way to do it, in which case someone please DM me), no idea how you'd ever figure this out without being shown. I learned it by doing all the bandit challenges on overthewire, and that was the only one I had to cheat and lookup a walkthrough for, and im glad I did, cuz I'd still be sitting there trying to figure it out, heh.
Oh God..! Got USER.. but root is hurting... Man any tips?!! lol I have read about the 'tiny' things etc. But cannot get it to bloody work. haha I need help. I cannot do everything alone.
User : Irritate , Some thing you know but unthinkable. When you know you will Laugh
Root : In front of you
Thanks @jkr for the fun box
Hi, I have got the hashed credential and found the hidden keys in the hidden folder but still can't get in as its asking for passphrase ..is there another credential ?
I found d**** credentials, but john and hashcat doesn't work for me, any help? PM please!
Type your comment> @chiefgreek said:
No, you need to crack key to obtain passphrase
I swear, if I read the man page and the file another time without understanding where is the caveat!
Enjyoing the frustration though, thanks @jkr
Edit: rooted, I liked this box, very CTF-esque.
rooted.Great box! Thx
Rooted, crazy machine.
My hint for root:
If your command doesn't work, try this command in another terminal(not Kali terminal)
Thanks for the hint @rholas @bertalting @htbmar
The way to get root made me feel real stupid, took me way to long. I don't understand the name tho, anyone care to PM me an explanation?
PM if you need any assistance.
Red Team
Need some help for the user. In brief, I got the creds, played around with c*** file and accessed the user's home folder over URI. I noticed that the home folder has some strange permissions too. PM please
Whoop! Just finished this machine! Enumeration is key, once again, to get the foorhold, and then Kali has all the tools you need to get from foothold -> user -> root!
Feel free to pm for help!
Finally got root
thx @ PlayerThree and 0X44696F21