Poison

if someone needs any help pm me

Anyone need hits (not answer), just PM me. :lol:

I’m stuck. Anyone there to help me? PM me please

Got usr, and im able to get eyes on the machine… however still as usr. Any hint on how to get root. I did read the article provided in the hints but it doesnt get me much further

I think I owe it to the community here to offer my 2 cents

The first part is all about KISS

The second part is all about enumeration and “DIGGING” deeper

Research is crucial (or at least for me it was)

I hope this helps and not too much of a spoiler.

Just got root, can relax now :smiley:

How can I PM Charix (the creator of the box) in this forum? it’s urgent
EDIT: not so urgent, the box had an unintended way of getting root which was in some kind of history file

Can someone PM me, I need help with root, Unziped file, have xyz service password, know about ssh tunnel, but something doesn’t work

Can anyone give me a hint to start with, my 2nd box ever and just need a nudge in the right direction.

@masterrabbit said:
Can anyone give me a hint to start with, my 2nd box ever and just need a nudge in the right direction.

go to the webpage, read the outputs of the scripts(look for something obvious in one of them). after that come here read through these pages and research the hints others have given.

@TheRealHooz said:

@masterrabbit said:
Can anyone give me a hint to start with, my 2nd box ever and just need a nudge in the right direction.

go to the webpage, read the outputs of the scripts(look for something obvious in one of them). after that come here read through these pages and research the hints others have given.

Yeah tried that, still lost… I know its some form of LFI however none of my attempts to inject a nc shell are working…

there is the hidden file that is encoded but dont know what to do with that

@masterrabbit said:

@TheRealHooz said:

@masterrabbit said:
Can anyone give me a hint to start with, my 2nd box ever and just need a nudge in the right direction.

go to the webpage, read the outputs of the scripts(look for something obvious in one of them). after that come here read through these pages and research the hints others have given.

Yeah tried that, still lost… I know its some form of LFI however none of my attempts to inject a nc shell are working…

there is the hidden file that is encoded but dont know what to do with that

Decoding this file should be pretty BASEic. Get the user through LFI… read this > File inclusion vulnerability - Wikipedia.

Finally ! Got root ! Third box, yay ! I love those boxes where there’s not really an exploit or bruteforcing, solving the puzzles is way more satisfying. I prefer elegant solutions using only shell commands rather that using metasploit and other complicated tools :slight_smile:
Feel free to PM me for hints !

i kind of feel so dumb right now …still didn’t get the first access; although found the LFI and the encoded pass …but didn’t really know what to do …please some help :astonished:

@FK3 said:

i kind of feel so dumb right now …still didn’t get the first access; although found the LFI and the encoded pass …but didn’t really know what to do …please some help :astonished:

Using LFI you have the ability to view some important OS file , also , password is encrypted using an reversible algo . You can start from here …

Wow i was over complicating things majorly
very very basic in the end.

get root is very easy guys… see process runing with “xxxxxxxx”, this is a big hint hahaahaha

@TheBandit said:

@FK3 said:

i kind of feel so dumb right now …still didn’t get the first access; although found the LFI and the encoded pass …but didn’t really know what to do …please some help :astonished:

Using LFI you have the ability to view some important OS file , also , password is encrypted using an reversible algo . You can start from here …

Thanks for the answer,
I actually stuck in there …the decryption of the secret …what algo …
is it complicated or I’m really overthinking it !!!

I can’t seem to get priv esc, can someone please give me a hint? I’m reading about x11/vnc but nothing is hepling

Finally, I was able to access the box, thanks to the help from this forum :+1:

@thermal : what address / port are they running on ? what other service could you use ?

feel free to delete this message if the spoil is too important.