Official Ready Discussion

168101112

Comments

  • Hey,

    So I was able to get Users and now I am on the system as g**. I ran LinPEAS and LinEnum but to be honest. I'm not 100% sure where I should I be looking. Any advice?

  • @Dilan said:

    @TazWake
    I found another exploit. In the final stage getting an error. Help would be appreciated

    File "*****.py", line 122, in
    http_server = raw_input("Continue (Y/N) : ")
    NameError: name 'raw_input' is not defined

    This one worked for me. But it is very much a Python2 script. You can either convert it to python3 or install the right modules and run it in Python2.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @Raskul82

    I found it the hard way brother. Thank you

  • Type your comment> @TazWake said:

    @dlhai1986 said:

    has anyone have time ? I will pm , i just want to discuss on READY box . I need a hint :(. Thank you for your time and guidance.

    What hint do you need?

    I had pm you. Thank yu

  • edited January 7

    Hi guys need to help with this error. Thank you
    File "*****.py", line 155, in
    namespace_id = soup.find('input', {'name': 'project[namespace_id]'}).get('value')
    AttributeError: 'NoneType' object has no attribute 'get'

  • edited January 7

    Spoiler Removed

  • @Raskul82

    Thanks for the guide brother

  • Hey Guys I am root and I am trying to break out, I have found some POC's but not having much luck just getting lots of PID's, Can anyone offer a nudge?
  • Hello this is probs a stupid question but i rooted the box but i cant find the flag in the /root folder did it move?? cause i restarted the machine and its still gone.

  • @Dilan i hade the same problem but did u make sure to type in your username and password when running the file.

  • Spoiler Removed

  • I am struggling on breaking out to get the Root flag, Can anyone assist. I have a few POCs and articles but no luck yet

  • Type your comment> @Raskul82 said:

    I am struggling on breaking out to get the Root flag, Can anyone assist. I have a few POCs and articles but no luck yet

    I just did it... someone mentioned it earlier, but the hacktricks article really helped - although the concept is also mentioned in other articles as well.

    If you don't get any further PM me.

  • FINALLY ROOTED!!!!!!!!!!!!!! YAY!!!!! Thank you to all who helped me especially @Harbard @ShayNay @agnorance adn @in3vitab13

  • Hey there, looks like some of you are having trouble running the "exploit script" to get the initial shell... For those struggling, there is a youtube video on how to exploit it that I have uploaded earlier.. Google and fix the dependencies to get the script working. Refer to the GitHub Page for dependencies information. Cheers. Happy Hacking.

  • Type your comment> @Raskul82 said:

    I am struggling on breaking out to get the Root flag, Can anyone assist. I have a few POCs and articles but no luck yet

    There's hard way(s) and there's an easy way. The easy way wasn't so high in search results but not too difficult to spot of you look closely. There's already a hint about it in this thread.

  • @agnorance
    i all ready have root, but the flag is not where it is, i had a look through some other folders i could be in but it anit there. And your right it was a bit odd that the password was labeled as such

  • Type your comment> @AFriend said:

    @agnorance
    i all ready have root, but the flag is not where it is, i had a look through some other folders i could be in but it anit there. And your right it was a bit odd that the password was labeled as such

    You need to break out to get to the root flag

  • Type your comment> @Raskul82 said:

    Type your comment> @AFriend said:

    @agnorance
    i all ready have root, but the flag is not where it is, i had a look through some other folders i could be in but it anit there. And your right it was a bit odd that the password was labeled as such

    You need to break out to get to the root flag

    do u have a hint cause i am stuck

  • Type your comment> @AFriend said:

    Type your comment> @Raskul82 said:

    Type your comment> @AFriend said:

    @agnorance
    i all ready have root, but the flag is not where it is, i had a look through some other folders i could be in but it anit there. And your right it was a bit odd that the password was labeled as such

    You need to break out to get to the root flag

    do u have a hint cause i am stuck

    Could there be a machine inside a machine?

  • nice box for beginners looking to try out a medium box. Very similar to laboratory if you've already done it, except much less complicated. My one tip, you don't exactly need to escape. The box owner left a big door open. PM if you need nudges

  • Got user and root..

    user: a lot of the messages in this thread are about some python script that is not working.. the hint: there are other scripts out there for this vulnerability that may work

    root: unfortunately spent lot of time grepping... after root user obtained you just need to see a "bigger picture" to get the hash ;) not sure what is escaping issue others talking about..

  • Done, I learnt a lot / Thank you

    User: Google is your friend and remember older snakes are more easygoing than younger.. getting the flag is easy job then

    Root: use what you can find in the configs wherever you can
    Sometimes the jail looks scary but you can realize that the door is not locked, don't overcomplicate it just walk out

  • Type your comment> @aksika said:
    > Done, I learnt a lot / Thank you
    >
    > User: Google is your friend and remember older snakes are more easygoing than younger.. getting the flag is easy job then
    >
    > Root: use what you can find in the configs wherever you can
    > Sometimes the jail looks scary but you can realize that the door is not locked, don't overcomplicate it just walk out

    Bro now your making me wonder how you passed it.
  • Type your comment> @Raskul82 said:

    Type your comment> @aksika said:

    Done, I learnt a lot / Thank you

    User: Google is your friend and remember older snakes are more easygoing than younger.. getting the flag is easy job then

    Root: use what you can find in the configs wherever you can
    Sometimes the jail looks scary but you can realize that the door is not locked, don't overcomplicate it just walk out

    Bro now your making me wonder how you passed it.

    Passed it as in bro ? Where ur stuck at

  • finally found root.txt. Special thank you to @TazWake!

  • Spoiler Removed

  • Got the root flag! :)

    Special thanks to @agnorance and @v3ss0n4

  • edited January 12

    I have the files from the uncommon location at /.
    Can someone give me a hint on how to proceed, I have encrypted as well as clear text passwords? The escape part won't be a problem since it's already well documented on the internet.

    edit : I got root user , now on to the escape part

  • Really liked this box!

    Foothold part was a bit hard. Had to use different exploits several times and then adjust the script for my python env (protip: adapt exploit to your needs). Priv esc was fun too. It will take some time, but it is rewarding.

Sign In to comment.