Traverxec

1679111245

Comments

  • Type your comment> @Physix said:

    Can someone pm on root please. I see the file, I see the way to root, however everything I try just results in a normal shell not a root shell.

    PM me if u r still stuck bro

  • @PlayerThree said:

    # id
    uid=0(root) gid=0(root) groups=0(root)
    

    The way to get root made me feel real stupid, took me way to long. I don't understand the name tho, anyone care to PM me an explanation?

    PM if you need any assistance.

    pm me bro

  • that might be terribly stupid question, but can someone pls point me to where to find the hash for the initial step ? I did get user and root and submitted these , but couldnt make out the initial hash to submit yet. am I missing something here, might be I dont see the forest due to the many trees around though

    zaphoxx

  • I just want to confirm that the way to root is the s*****-s****.s* file? I just need to make sure since I have been smashing my head into the wall for hours.

  • Type your comment> @cj3207 said:

    I just want to confirm that the way to root is the s*****-s****.s* file? I just need to make sure since I have been smashing my head into the wall for hours.

    dm me bro

  • Got user in about 10 minutes. Root a little bit more (way too much).
    Root, as someone as already pointed out, is a little bit tricky (but not hard) ;)

  • Rooted. Can someone explain the deal with the gtfobin part and why it doesn't work like that with a wider terminal?

  • Type your comment> @Exci said:

    Rooted. Can someone explain the deal with the gtfobin part and why it doesn't work like that with a wider terminal?

    the gtfobin part needs a certain size on terminal to be invoked...

  • Gotcha. Thanks @Shad0wQu35t for the boost.

  • Type your comment> @Shad0wQu35t said:

    Type your comment> @Exci said:

    Rooted. Can someone explain the deal with the gtfobin part and why it doesn't work like that with a wider terminal?

    the gtfobin part needs a certain size on terminal to be invoked...

    Thanks @Shad0wQu35t for the hint!

  • To people who can't get the root method to work: Try it locally. Then look at a certain limiter to work out why it won't work here. It stops there from being a minor display problem: you need to introduce a problem.

    clubby789

    • GCIH
      If you need help with something, PM me how far you've got already, what you've tried etc (I won't respond to profile comments, or on box release night). And remember to +respect me if I helped you ; )
  • Looked at the manual of the service needed for user.
    I should be able to see one of the users' home. However I'm no seeing any files.

    Can someone please give me a nudge?

  • Rooted! Didn't end up using that thing in *pasd so not sure if that was a rabbit hole. Also I ended up getting root accidentally with the "trick" other people are talking about in the thread. If there was a more "intended" way to do it that someone knows of would love a DM!

    Happy to nudge a few people in the right direction.

    Hack The Box

  • can someone pm me for root? i know the gt....n, but dont know how tu put the puzzle together
  • Can anybody guide me to how to crack those "hidden keys".

  • wooooowwww!!! that root was a massive troll... just spilled my drink :)))

  • Yay! Rooted :) Cool, logical machine, thanks @jkr!

    Tips for user:

    • Something should stand out in the nmap scan. Pursue that.
    • When you have shell, enum. You'll find a useful file
    • You have a key but where are the door? RTF config, RTF manual, grab your user flag

    For root:

    • Pretty straightforward
    • A script will reveal a direction
    • Google how it can be exploited.
    • Due to it's limitations you might need a little trick to trigger exploitable state.

    PM me for nudges if needed :)

  • Root was annoying, for me resizing didn’t work, made a change and that worked for me...
  • Root was similar to a challenge from overthewire. This was a neat one, made me laugh. Thanks jkr for yet another great machine!

  • rootdance

    learned a lot and thx for all the help people!

    madhack
    If you need help with something, PM me how far you've got already, what you've tried etc.
    Discord: MadHack#6530

  • edited November 2019

    I would like to accept this "root" on behalf of Traverxec, I would like to give thanks to my producers and directors @dnperfors @Enigma00

    Now lets all root dance!

  • I am stuck in Traverxec box. As I am very new to this field, unsurprisingly, I am not able to gain even the initial foothold. I know that the box is vulnerable because some service (I know which) is running on port 8*, but I am not able to exploit it. I downloaded its metasploit exploit but I am not able to exploit it. Can someone help?
    Thank you

  • i found the pass of the user but how to decrypt this??

  • I got root but I'm confused since all the talk about doing stuff with the size of the terminal didn't actually do anything in the end.

  • Type your comment> @JuicyyCandy said:

    I got root but I'm confused since all the talk about doing stuff with the size of the terminal didn't actually do anything in the end.

    did you decrypt the user Pass?

  • My meta doesn't allow me to search for the n******o exploit.
    Is there a way for me to update the database or something to include it?
    Some of you are claiming it's in your db.

  • rooted, mostly straightforward, though getting root is a bit of a troll

    Parttimesecguy

  • edited November 2019

    Root: I'm not sure what I'm looking for. The s****-s**.sh seems interesting in particular one line. GT***s to gain root access or there's a whole game of symlinking ahead?
    PM me please

  • Type your comment> @PrivacyMonk3y said:

    My meta doesn't allow me to search for the n******o exploit.
    Is there a way for me to update the database or something to include it?
    Some of you are claiming it's in your db.

    Just update/upgrade kali.

  • Type your comment> @saminskip said:

    Just update/upgrade kali.

    Using Parrot and it's updated still a no show. /shrug guess I just have to wait lol.
    Used the non meta version anyway and got a foothold + but just curious about the lack of the search result.

Sign In to comment.