Hint for Waldo


Comments

  • I'm confused because I have ssh with user n......y but my password is a key that I found in a .mon...r file. So, I need to get mon......r compromised? I found something like a symlink.... but I don't know... A hint to find Waldo via PM please?

  • @9999volts said:
    I'm confused because I have ssh with user n......y but my password is a key that I found in a .mon...r file. So, I need to get mon......r compromised? I found something like a symlink.... but I don't know... A hint to find Waldo via PM please?

    Check every file in the .shh folder and you will find what you need!

  • edited September 2018

    I am so confused.... I'm a lucky guy, 2 times I have found user journey just by enumerating processes!! I just received a gift xd

  • rooted, thanks @helloclarice for the help.
    Anyone who needs help can PM me.

  • Anyone got root shell? I tried ssh and tried to crack the hash with no luck!

  • rooted. ty @buckeye1234 for help

  • Stuck on user, I can see all web paths, I've watched how the files work adding, editing and deleting lists, I've even tried editing and resending the headers but I'm in front of a never ending wall, any hint? I just wanna die lol... Thanks in advance

  • edited October 2018

    Managed to escape from jail, I'm OK. So, on what directory do I have to apply the getxxp thing? Is /Home/mon.....r/bin important?? Or maybe that restricted.sh thing, what is it? Pretty stuck on getc.... is it one by one? PM please

  • Could anyone help to figure out how to get user?

    I have two things that attract my attention, but cannot bypass the filter:

    • Found how to read any file, but didn't find how to bypass the user.txt filter

    • Writing files looks very promising but I don't know how to bypass is_numeric()

  • Hi, I got the shell and flagged the user account but I'm currently stuck with the privilege escalation and I need some help. It seems that we are in a docker container and I would like some help to continue.

  • edited October 2018

    Having some trouble with the priv esc from M*** to root. The capable hints have been great, just can't quite piece it together. Can anyone PM me with some additional hints/directions?

    Edit: root.txt acquired shortly after asking this and reading more :)

  • Finally got root thanks to this forum and to @buckeye1234 for all the advice.

  • If anybody was able to get root shell, will you PM me please, with a friendly nudge?

  • edited October 2018

    This is my second box, and I could use a nudge.
    I should be able to read files, and I'm getting a 200 response but there is no data returned.
    f***=**** doesn't seem to work as it looks like it should. I'm getting the same response to a blank request.
    Any help?

    Edit: Never mind, I had made a simple error.

  • I'm having some trouble reading the user.txt
    I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)

    A little help please?

  • @ananpier85 said:
    I'm having some trouble reading the user.txt
    I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)

    A little help please?

    I used an online decoding service for that format type and logging in worked for me. Hope it helps ;)

  • @ananpier85 said:
    I'm having some trouble reading the user.txt
    I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)

    A little help please?

    Maybe you are not the right user?

    fasetto

  • edited October 2018

    @fasetto said:
    Maybe you are not the right user?

    It should not have taken me so long to realize that, thanks.
    Now on to root!

  • fairly unobvious way to root. anyway, flag is mine \m/
    pm me, if you need a hint.

  • Can anyone help me out with the Waldo machine? Please PM me with hints for gaining normal user access. Thanks.

  • @johnybaba said:
    Can anyone help me out with the Waldo machine? Please PM me with hints for gaining normal user access. Thanks.

    Check how list works.

  • @LordRNA said:

    @johnybaba said:
    Can anyone help me out with the Waldo machine? Please PM me with hints for gaining normal user access. Thanks.

    Check how list works.

    While adding a new list, we can add some data. But whatever I am storing, in the Burp response it shows up there, but in the browser it shows nothing.

  • edited October 2018

    Holy cow. Finally got the user and root flag. Shoutout to @ZaphodBB for the hints that got me through the small hurdle. As a Linux user for years, there's always something new to learn as this box revealed. What a ride!

    bluecipher

  • Could anyone PM me for root? I'm currently logged in as m*****r. Found interesting files in the ap*-**v directory. Cannot figure out a way to root.

  • Hi, I got user. But I can't work out how to escape the rterm, logged in as n****y

  • Okay, I got out of that restriction, and into another, and out of that, but now I'm reaaaaaly stuck

  • this should come in handy for anyone needing to remove newline and escape characters in a file they might hypothetically find somewhere:

    cat dirty_file | sed 's/\\n/\n/g' | sed 's/\\//g' > clean_file


  • @s1k said:
    this should come in handy for anyone needing to remove newline and escape characters in a file they might hypothetically find somewhere:

    cat dirty_file | sed 's/\\n/\n/g' | sed 's/\\//g' > clean_file

    nice little action there, had to do it manually.

  • edited October 2018

    oh shit!

    I keep getting this when trying to use the file that has extra hacker capabilities...

    *pts/0���[�
    pts/0ts/0monitor127.0.0.1���[C�$

    when I have @#$@_read_search I don't understand why I can't read what I'm trying to read....
