Reel

Got initial foothold… now to get admin… have some idea’s but struggle to translate them to actual actions :frowning: if someone would be willing to give a small hint via PM :slight_smile:

It’s like a Matryoshka doll, how many users I have to get until admin? LOL

I am trying to get the initial shell but I can’t get the payload to work. Can somebody give me a hint, cause I’m getting crazy

Can somebody pm me about the privesc? Im currently the first user but cant figure out the syntax to use the .xml file…

@Kevoenos said:
Can somebody pm me about the privesc? Im currently the first user but cant figure out the syntax to use the .xml file…

Spoiler Removed - Arrexel

I have a Y/N question: Has anyone gotten initial access to this box by using MSF to both generate payload and host server for remote shell? I can see with wireshark that at least part of my payload is executing but the remote shell is not happening.

Oh geez, never mind, my msf foo is lacking.

Im staring at some claire, but dunno how to use her! some tip from here?

is anyone available via DM to let me know if i’m on the right track for getting user ?

@josi said:
Im staring at some claire, but dunno how to use her! some tip from here?

Do something similar to how you came up with the steps to reach here.

This sure was a fun box. Was absolutely overthinking the process when I got user… but with some subtle hints I got on a path which led to admin in a few minutes :+1:

ugh when you have the right idea and struggle to remember a fundamental requirement for it to become effective for over a day.

Was fun though :smiley:

Finally done, learned so much from this box as I usually do more linux boxes. Congrats and thanks to @egre55 for this box !

No box has challenged me as much as this one. So much learnt, and so much fun! The best box I’ve done so far. Thanks @egre55 great work.

Cheers guys & well done! Happy you learned from it :slight_smile:

So I’ve hit a bit of a wall on this one. I’ve managed to make it a ways in until I had control over the b***********s object, but it doesn’t seem that one actually controls anything/has any real permissions. At least not that I can see. Is that object useful, or did I go down the wrong path?

hey ! i am stuck on this one
don’t know where to go can any one please give me any hint?
i have the readme file. maybe have to m*** r**
you can PM

Wow! @egre55 you created an Awesome machine! This was one of the most frustrating ones I have done so far but the most rewarding as it taught me a lot about some tools I have wanted to dig into further! I would say this would be similar to a real world scenario…

Glad this one is done :-)!

Spoiler Removed - Arrexel

I have got the user but stuck with priv esc. Any strong hint on decrypting xml file?

Or am I heading in wrong direction?

Kindly PM me.