Official TheNotebook Discussion

1235

Comments

  • edited May 28

    For root: I am not getting the last shell, i'm using two sessions and think the PL is correct.. anyone having similar issues?

    EDIT: Rooted. Oh wow. I spent a day not being fast enough :)

  • Really cool box!

    initially I was going the right way, but didn't know this kinda modification was even possible but hey learned smth new!

    Lateral Movement + Root was really straight forward and rather easy then medium.

    Thanks to the creater!

  • Rooted! Nice box.
    Ask me for hints while it's still fresh in my memory... I should take more notes ;)

  • edited May 31

    Rooted !

    Initial Foothold : after all of your basic enumeration & stuff, you will be left with one thing to try out. think about all exploitable component in the web application. specially web applications !

    User : it is all about hard enumeration to find what you need !

    Root : if you find the exploit you can get root ! this is very interesting exploit and informative !

    Thanks @mostwanted002 for this machine !

  • I could use a sanity check for root. I believe I've got the right exploit, I believe I'm executing it properly, but no matter my payload I don't seem to get any sort of execution at all. Everything else looks right.

  • @wizliz said:

    I could use a sanity check for root. I believe I've got the right exploit, I believe I'm executing it properly, but no matter my payload I don't seem to get any sort of execution at all. Everything else looks right.

    So it clearly depends on the exploit you are using.

    If you are using the same one as I did, you need two sessions, one to run the command, grab the exploit and run the exploit.

    The second to run the command.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @wizliz said:

    I could use a sanity check for root. I believe I've got the right exploit, I believe I'm executing it properly, but no matter my payload I don't seem to get any sort of execution at all. Everything else looks right.

    So it clearly depends on the exploit you are using.

    If you are using the same one as I did, you need two sessions, one to run the command, grab the exploit and run the exploit.

    The second to run the command.

    Hrm, this is exactly what I'm doing. Even get the "No help topic" message as the demo shows. It just doesn't appear that anything else ever actually happens.

    I'll have to go poke around some more.

  • I don't know what I mucked up where, but I blew everything away and started fresh and it worked first try :shrug:

  • Rooted, fun box as there were new things to learn. The exploits were not too complicated to understand and execute, which made the box much more fun.

    Foothold: Tell the browser that you are the boss
    User: Look into the past
    Root: impersonate him

    PM if you need help

  • God damn it! Finally rooted, so annoying... typos were made, hurtful things were said.
    I will learn to tripple check my sh*t

  • Somehow I managed to get the S** key for user. But if I try to login I always get a "Connection closed" message. Tho I think it is the right way, am I missing something?

  • Type your comment> @Dirks0n said:

    Somehow I managed to get the S** key for user. But if I try to login I always get a "Connection closed" message. Tho I think it is the right way, am I missing something?

    My problem was that I just missed the name of user

  • Finally rooted it, that was hard. But I really enjoyed it. I found all the hints so far to be loads of help, PM if you need a nudge.

    andrewh

    Happy to help people but PLEASE explain your problem in as much detail as possible!

  • Can anyone give me a hint for user? I have checked all the notes and suspicious directories, including bks . Spent too much time for finding clues...

  • @PenguinPanda said:

    Can anyone give me a hint for user? I have checked all the notes and suspicious directories, including bks . Spent too much time for finding clues...

    If you've looked in bks you've been in the right place. It's not so much a clue as the thing you need to get into the box.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    If you've looked in bks you've been in the right place. It's not so much a clue as the thing you need to get into the box.

    Thank you so much forr your help!! I got the user and am going to get root.
    Your posts always helped me a lot.

  • Hi everyone, this is actually my first post in here. Anyway I'm trying to get a shell as root on the system but when I run the exploit I get an error message saying that "libgo.so.16:" doesn't exist on the system. I am apparently doing everything correctly and can't figure out why this is happening. Can anybody help me with this? Thank you in advance

  • Nevermind. I manage to get root!!! For those of you who are coming across the libgo.so.16 missing, just update golang on your machine and recompile the exploit.

  • FInished this box. Learn some new things while finding my way to get the initial shell. For root, you just need to make sure to follow the indications of the exploit.

    Pepe

    pp123

  • Can someone ping me...I am getting 500 error after tampering certain thing

  • Type your comment> @TazWake said:

    Foothold and User were relatively straightforward.

    • Interception and tampering
    • then enumeration.

    I am currently hitting a wall on root though. I think I have the right exploit to use (and it seems to work) but the payload isn't throwing a shell. On the plus side, go is a really easy to understand language.


    Finally resolved it. Turns out I just needed to change the thing I was calling.

    I have the same problem as you:"I think I have the right exploit to use (and it seems to work) but the payload isn't throwing a shell."
    How did you resolve it?

  • Type your comment> @bryterlayter said:

    I was stuck on foothold for so long, wondering why it wasn't working, only for me to figure out that it was because I was using the wrong email address. Needless to say, I'm embarrassed lol
    My PMs are open if anyone wants nudges for foothold! I'm online most of the time

    edit: Rooted! (kinda). Got the flag but couldn't figure out how to get a full connection back. Would love to run my attempts by someone to see what I was doing wrong!

    DM me if you need any advice on getting root flag!

    I think i have arrived the last step , I executed POC normally, but I didn't get shell back.Can you help me ? Thanks a lot!

  • @spidermanXjf said:

    I have the same problem as you:"I think I have the right exploit to use (and it seems to work) but the payload isn't throwing a shell."
    How did you resolve it?

    I needed to tweak the payload.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • edited June 18

    @m1tch404 said:

    Am stuck at the door of the root own... Tell me if you get the same problem while executing main file :

    ./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

    I don't want to spoil so my DM are open !

    DM'ed you ;-)

  • edited June 23

    Type your comment> @ALCATRAZ1928 said:

    Nevermind. I manage to get root!!! For those of you who are coming across the libgo.so.16 missing, just update golang on your machine and recompile the exploit.

    Thumbs up for that hint!

  • Type your comment> @TazWake said:

    @spidermanXjf said:

    I have the same problem as you:"I think I have the right exploit to use (and it seems to work) but the payload isn't throwing a shell."
    How did you resolve it?

    I needed to tweak the payload.

    I have solved :blush: '/bin/sh' is right in the second session

  • i got to the admin and read the notes that are there.
    i know where i should be at in the directory and what file to look at (somewhere around the .bak files), however i can't open that one important file because it is compressed and i can't unzip it because i don't have permission as i am neither a user or root.

    how did you manage to open that file :s help, thank you team

  • Type your comment> @codacaster said:

    Type your comment> @ALCATRAZ1928 said:

    Nevermind. I manage to get root!!! For those of you who are coming across the libgo.so.16 missing, just update golang on your machine and recompile the exploit.

    Thumbs up for that hint!

    What version of golang are you using?
    I've used and updated it to version 1.16.5 but I still get "error while loading shared libraries: libgo.so.16: cannot open shared".

  • Get rooted yeah! PM me if you get stuck.

  • I just got foothold. I guess it is not intended that shadow and root.txt are in /tmp? :D

Sign In to comment.