Im confused because i have ssh with user n......y but my password is a key that i found in a .mon...r file. So, i need to get mon......r compromised? I found something like a symlink.... but i dont know... A hint to find Waldo via pm please?
@9999volts said:
Im confused because i have ssh with user n......y but my password is a key that i found in a .mon...r file. So, i need to get mon......r compromised? I found something like a symlink.... but i dont know... A hint to find Waldo via pm please?
Check every file on .shh folder and you will find what you need!
Stuck on user, I can see all web paths, I've watched how the files work adding, editing and deleting lists, I've even tried editing and resending the headers but I'm in front of a never ending wall, any hint? I just wanna die lol... Thanks in advance
Managed to escape from jail, im ok. So, getxxp thing on what directory i have to apply? Is important /Home/mon.....r/bin?? or maybe that restricted.sh thing, what is it? Pretty stuck on getc.... is it one by one? pm please
Hi, i get the shell and flag the user account but i'm currently stuck with the privilege escalation and i need some help. It seem that we are in a docker container and i would like some help to continue.
Having some trouble with the priv esc from M*** to root. The capable hints have been great, just can't quite piece it together. Can anyone PM me with some additional hints/directions?
Edit: root.txt acquired shortly after asking this and reading more
This is my second box, and I could use a nudge.
I should be able to read files, and I'm getting a 200 response but there is no data returned.
f***=**** doesn't seem to work as it looks like it should. I'm getting the same response to a blank request.
Any help?
I'm having some trouble reading the user.txt
I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)
@ananpier85 said:
I'm having some trouble reading the user.txt
I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)
A little help please?
I used a decoding online service for that format type and logged in worked for me. Hope it help
@ananpier85 said:
I'm having some trouble reading the user.txt
I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)
Holy cow. Finally got the user and root flag. Shoutout to @ZaphodBB for the hints that got me through the small hurdle. As a Linux user for years, there's always something new to learn as this box revealed. What a ride!
Comments
Im confused because i have ssh with user n......y but my password is a key that i found in a .mon...r file. So, i need to get mon......r compromised? I found something like a symlink.... but i dont know... A hint to find Waldo via pm please?
Check every file on .shh folder and you will find what you need!
I am so confused.... Im a lucky guy, 2 times i have found user journey just by enumerating processes!! just i received a gift xd
rooted, thanks @helloclarice for the help.
Anyone need help can PM me.
Anyone got root shell ? I tried ssh and to crack the hash with no luck!
rooted. ty @buckeye1234 for help
Stuck on user, I can see all web paths, I've watched how the files work adding, editing and deleting lists, I've even tried editing and resending the headers but I'm in front of a never ending wall, any hint? I just wanna die lol... Thanks in advance
Managed to escape from jail, im ok. So, getxxp thing on what directory i have to apply? Is important /Home/mon.....r/bin?? or maybe that restricted.sh thing, what is it? Pretty stuck on getc.... is it one by one? pm please
Could anyone help to figure out how to get user?
I have two thigns that attract my attention, but cannot bypass filter:
*Writing files looks very promisingly but dont know how to bypass is_numeric()
Hi, i get the shell and flag the user account but i'm currently stuck with the privilege escalation and i need some help. It seem that we are in a docker container and i would like some help to continue.
Having some trouble with the priv esc from M*** to root. The capable hints have been great, just can't quite piece it together. Can anyone PM me with some additional hints/directions?
Edit: root.txt acquired shortly after asking this and reading more
Finally got root thanks to this forum and to @buckeye1234 for all the advice.
If anybody was able to get root shell, will you PM me please, with a friendly nudge?
This is my second box, and I could use a nudge.
I should be able to read files, and I'm getting a 200 response but there is no data returned.
f***=**** doesn't seem to work as it looks like it should. I'm getting the same response to a blank request.
Any help?
Edit: Nevermind, I had made a simple error.
I'm having some trouble reading the user.txt
I suspect it can't be read with current permissions. I'm fairly sure I need to use m****** file to go on. I've removed the bad chars and changed permissions to 600 but I'm not being granted access. Denied (pub)
A little help please?
I used a decoding online service for that format type and logged in worked for me. Hope it help
Maybe you are not the right user?
It should not have taken me so long to realize that, thanks.
Now on to root!
fairly unobvious way to root. anyway, flag is mine \m/
pm me, if you need a hint.
Can anyone help me out with waldo machine? Please PM me for the hints for gain normal user access. Thanks.
Check how list works.
While adding a new list, we can add some data. But whatever I am storing, in burp response it shows there but in the browser it shows nothing.
Holy cow. Finally got the user and root flag. Shoutout to @ZaphodBB for the hints that got me through the small hurdle. As a Linux user for years, there's always something new to learn as this box revealed. What a ride!
great post here.
Could anyone PM me for root ? I'm currently logged in as m*****r . Found interesting files in ap*-**v directory. Cannot figure out a way to root.
Hi, I got user. But I can't work out how to escape the rterm, logged in as n****y
Okay, I got out of that restriction, and into another, and out of that, but now I'm reaaaaaly stuck
this should come in handy for anyone needing to remove newline and escape characters in a file they might hypothetically find somewhere:
nice little action there, had to do it manually.
oh shit!
I keep getting this when trying to use the file that has extra hacker capabilities...
*pts/0���[�
pts/0ts/0monitor127.0.0.1���[C�$
when I have @#$@_read_search I don't understand why I can't read what i'm trying to read....