Poison

@Txos1 @opanwar @JohnVanBoxtel

Thank you so much. Got Root.

rooted big thanks to @xdaem00n

@m1chaelsh1 said:
may I get a hint, I already unzip the zip file and have the words in secret, also enumerated the port of service and got password but after login in this service I am still a normal user not root I need some hint

Make sure you read up on and understand the services you are using to connect to the target machine as well as what those ports represent. The other people Iā€™ve helped on this box seemed to have gotten a lot out of the following advice:

If that service(s) was not already installed on that machine, how would you go about creating an installation? Where would it install too, create files at, and what other types of files are possible to be created to streamline the use of the service? After that, really think about how connections are made. If you are user, dump a process list and observe who is running what processes, including command line options. If you are unsure of why options are used, grep the man pages and figure out why. This should lead you to what you need to do to complete this box.

a question how did you guys know in which port the service running,nmap only show two ports and p s aux no port mention their

I have found a password list, but not able to decrypt it. Any suggestions on PM would be very much appreciated

just rooted :slight_smile:

Big thanks to @Sandshrew and @sazouki

PM for any hints

Thanks.

Finally got root. PM for hintsā€¦

I will say that what made me take a while on this box was overthinking the scenario.

@xdaem00n thank you for your post that said enumeration was the only thing truly necessary for user & root.

r00tedā€¦ pm for hints !!
Donā€™t overthink just enumerate and there it is right in front of you.

thank you @sazouki @ajchristiano91 with ur hints :slight_smile:

Can somebody please PM me on the priv-esc i have read the secret file but donā€™t know i can use it withā€¦ i have read this entire forum multiple times :anguished:

Hello I canā€™t figure out how to unzip the file can someone pm me Iā€™m so close just need to unzip that file

This box is all about enum. PM me if you need more hints.

Yes! Rooted. PM for hints.

Rooted, PM if you need a hint.

.

Hello. Is anyone willing to help me via PM? Iā€™m actually very close to root.txt, but I guess Iā€™m a little confused with the commands. Thanks in advance.

Please Some One help me with the box. I need a hint

i need a hint . Any one can help

@elio said:
Hello. Is anyone willing to help me via PM? Iā€™m actually very close to root.txt, but I guess Iā€™m a little confused with the commands. Thanks in advance.

I am Stuck canā€™t Find way in can you help

Rooted. Advise. For initial access, I built a like VM and followed blogs on the perceived issue. The practice paid off and I had a simple shell script that spawned a shell every single time. For privilege escalation, I found the unusual files were there for a reason and it was a matter of leveraging your previous step, to complete the next step.

Hello. I donā€™t know what to do with the password. COuld you please give me a hint (or PM)?
I tried many many websites and inserted the encoded password into it, however no success.