Hint for TartarSauce!

@Juniter said:
I was able to get the root flag, but I did not get a shell. Whether or not this was the intended way, it was a brainf*ck all along. :slight_smile:

To be precise: I did not get a root shell.

guys - i am very new here, just started with tartarsauce, logged in to the admin, tried upload but failed… any one here to PM me for directions? pls

You can pm me. Currently trying to privesc from user to root

Nevermind rooted

Hello !
I’m very stuck on the privesc part, got the user, found some things, but so far can’t manage to get what i’m aiming for, someone is willing to talk about it on pm ? i’m a bit lost …

Rooted. The mind works in weird ways… got nothing for privesc all day staring at it, but once I went to bed, I figured it out in minutes. This thing really is a source of tunnel vision.

PMs ok. And I did get a root shell, but you don’t need to.

Just rooted!! and i can only say one thing: the creator of this machine is sooo EVIL

I always tell people, “The best tool a hacker can ever have is patience”. This box proves that. It was dumb crazy. Made me feel like I was back in the labs for a second. Very well done @3mrgnc3 and ihack4falafel (must not be on forums). I had a great time.

Hint: The name of the box is the best hint you can get. So don’t be ReTarTar…Durp!

Been stuck on getting shell for a while… Found both web apps, logged into one and got nothing. Been running the ■■■■ out of dirbuster/gobuster on directories on the r****s.txt files, but haven’t found anything useful. Can anyone PM to get on the right direction? I Feel like I have missed something…

I got a root after a while. Thanks for help :slight_smile:

@koredump said:
Rooted. The mind works in weird ways… got nothing for privesc all day staring at it, but once I went to bed, I figured it out in minutes. This thing really is a source of tunnel vision.

PMs ok. And I did get a root shell, but you don’t need to.

I did get the root.txt, can you pm the hint on the way you get the root shell?

@3mrgnc3 thanks <3 great box!! Rooted it, didn’t think one roots boxes that way very often, but why not if it works.

All the messages combined in this topic constitute for a total spoiler :trollface:

Got root flag. The most anoying root i got!

This is a box that you learn more and more even after you have obtained root.txt.
I’ve validated 3 ways to get priv esc to root, this was very educational!

When I started this box I hated it, but at the same time I enjoyed it because I was learning a lot. Good job to the creators. I finished it today and I think it taught me a lot.

Got it, finally. Thanks to @Maniek couldn’t have done it without you.

ok so I am severly stuck… can someone assist me… i am trying to get root flag… i know I am like 80 percent of the way thru

@H4ck3d5p4c3 sent you a pm.

Can someone help me with inital access I think im derping out here…

After quite a long battle, I got a root shell. IDK if I consider it “realistic”, but it did teach me a lot. Advise : Have a plan to enumerate if / when automated tools fail and always dedicate some time to open sources and research. Make the effort to duplicate your target in a sandbox environment so you can experiment with different techniques.