Poison

I got the User.
Logged in to VNC but nothing more.
I am not even sure if I have extracted the zip files.
Can anyone plz help me to ger root?

ok so feel kinda dumb but more frustrated. I had a bad snapshot of my kali. Deleted it, realized after coming back I lost all my info on Poison. My fault I know. I have user and submitted that… But if anyone can DM me to help me get back on priv exec, I’d appreciate it. No answsers just a discussion if you have time and if not its ok, I just get to learn TWO lessons :slight_smile:

this box was truly difficult for me as a Total NOOB… for those of you that are stuck on the priv esc… keep reading its easy to skim past important information… for those stuck trying to get the foothold… make sure to enumerate the ■■■■ out of this thing. With everyone and their dog resetting the box it was very difficult to get a good scan… A GOOD SCAN MAKES ALL THE DIFFERENCE

What about grey screen with that process ?

@NoireMouton said:
What about grey screen with that process ?

Google the grey screen to fix it.And for the secret file, it’s not actually empty.And there is a way to use it with that service without encrypting it.Google it and u will see what i mean.
Just rooted.Pm if you want any help.

getting user was fun. Getting root - had to really think outside the box on this one. what frustrated me was i already use the method almost daily for other stuff. nothing fancy, just a lot of ENUMERATION as always (i hate seeing that word every time i get stuck)

Everything to solve the machine is already written here. It’s really easy.
If you read the posts here carefully you have kinda a step-by-step guide on how to solve this box.
If you are still asking, maybe you should continue to learn basics of networking and how UNIX based machines work.
This would make other boxes also easier for you.

The box was kinda fun :slight_smile:

@wirehack7 said:
Everything to solve the machine is already written here. It’s really easy.
If you read the posts here carefully you have kinda a step-by-step guide on how to solve this box.
If you are still asking, maybe you should continue to learn basics of networking and how UNIX based machines work.
This would make other boxes also easier for you.

The box was kinda fun :slight_smile:

R00ted. This is absolutely 100% true

having an "event not found " while unzipping!! any idea?
using unzip -p password zipfile.zip syntax
please help

@madbro said:
having an "event not found " while unzipping!! any idea?
using unzip -p password zipfile.zip syntax
please help

maybe download it to your machine

This box has me scratching my head (banging my head)… I know the service I’m looking for and I’ve used what I think is the method before to connect to a similar service on windows and I even get a connection although mostly grey screen with a terminal in the top corner but as regular user c***ix not root… I assume the secret file is the key but not sure what type of charset or algo I may be looking at? I’m thinking I need to use the user to tunnel through or am I off here? I think I’m close…

@3s073r1k said:
This box has me scratching my head (banging my head)… I know the service I’m looking for and I’ve used what I think is the method before to connect to a similar service on windows and I even get a connection although mostly grey screen with a terminal in the top corner but as regular user c***ix not root… I assume the secret file is the key but not sure what type of charset or algo I may be looking at? I’m thinking I need to use the user to tunnel through or am I off here? I think I’m close…

You’re close, maybe its not an algo or charset look at the man page of the thing you’re using to try and connect, then think about the file

Thanks for the tip… On my way to bed but I’ll be reading some man pages in the a.m! Always appreciate a nudge… wondering if I should be using X*** or **servr ?
Hopefully that’s not a spoiler…

@3s073r1k said:
Thanks for the tip… On my way to bed but I’ll be reading some man pages in the a.m! Always appreciate a nudge… wondering if I should be using X*** or **servr ?
Hopefully that’s not a spoiler…

Hey ! I’m stuck at this same place . I have been using the vv*wer via option without any luck.

I just woke up and about to try and Tackle this again, if I figure out anything I’ll hit you up in a DM

3 hours with nothing - how to do this -_-

its hard so much i just find the encode file with 13 times

and i can’t do anything about it

i tried ssh with it but nothing its says public key -_-

i hope i got any hint from you guys ^.^ help me to go out of noobs area

If it is encoded x amount of times then you need to decode it amount of times… Figure out the encoding and it should be simple

@ashishjv1 said:
Hey ! I’m stuck at this same place . I have been using the vv*wer via option without any luck.

If you find the answer let me know , maybe a push in the right direction

Hi, I am trying to do the impossible_password but when extracting the .zip file to a .bin when extracting the .bin it turns into .bin.cpgz opening that turns it back into a .bin.

I’m using MacOSX archiver utility and downloaded The Unarchiver with no luck. Any help is much appreciated

@3s073r1k said:
@ashishjv1 said:
Hey ! I’m stuck at this same place . I have been using the vv*wer via option without any luck.

If you find the answer let me know , maybe a push in the right direction

Hey ! I got root . I can say that you are in the right direction ! Just keep Going ! If you need more help PM me.
:slight_smile: :slight_smile:

And Thanks to @felli0t @Monkey23 for all the help !