Hint for TartarSauce!

Iā€™m stuck for almost 3 days. I enumerated every directory with gobuster. Downloaded m*******.zip open source app, read its files. scanned all ports. Found 2 exploits but none of them works.Iā€™m very stuck. ā€œretartarā€ I thought it was related somehow to .tar archive files but I donā€™t know.I even archive php file twise into tar(re-tar-tar) :slight_smile: BUT NOTHING WORKS. Very little help will be appreciated. I need just direction.

Could anyone pm me for priv esc, I know about the script and the ā€œdifferencesā€, I tried with root flag but doesnā€™t print it out for meā€¦ so close yet so farā€¦

@bonjourpancake said:
Could anyone pm me for priv esc, I know about the script and the ā€œdifferencesā€, I tried with root flag but doesnā€™t print it out for meā€¦ so close yet so farā€¦

work smarter, not faster :wink:

@drtychai said:

@bonjourpancake said:
Could anyone pm me for priv esc, I know about the script and the ā€œdifferencesā€, I tried with root flag but doesnā€™t print it out for meā€¦ so close yet so farā€¦

work smarter, not faster :wink:

I managed to get it like 20 minutes after I posted this :cold_sweat:

Been spinning my wheels on this one for a while. I have found a couple of services, enumerated them like crazy with tools and manually, have a couple usernames and a pw, but canā€™t find anything still. Can anyone DM a hint for getting initial foothold?

Just rooted !

The priv esc is really nice ! Very nice box :slight_smile:

Iā€™m curious about the root shell, I get the flag but without shell. If someone want to PM about the root shell it would be nice :slight_smile:

got user shell. But stuck on getting root shell. Saw differences but I canā€™t even get an idea whatā€™s happening. Any little hint would be appreciated. I even couldnā€™t get root.txt without root shell.

Someone I can PM for Root privesc ? i have found the logic error in the script but still not able to get the root.txt file

@xMagass said:
Someone I can PM for Root privesc ? i have found the logic error in the script but still not able to get the root.txt file

PMā€™d

Hi , I have got root.txt on tartar but not a shell, is there someone to discuss in Pm about how to get a proper root shell ?

I will need a while before eating this sauce again. I am stuck at priv-esc since a few days now, I have the script, I also understand why this concept of differentiating things is not ok. But ā€¦ how can that bring me to root? PM or MM welcome
EDITED: Thanks @xMagass for the hints, it allowed me to come out of my panic about tartar sauce :+1:

Can someone DM me a hint or something?
I have been stuck for 2 weeks.
I found the webapplications that I think I am supposed to find.
I have scanned them using different tools and made a proxy to get one of the webapplications working correctly.
But how the ā– ā– ā– ā–  do I login to the second webapp?

Finally got root flag, man what a painful boxā€¦

Hi I think I found all thing but i couldnā€™t get shellā€¦Please Helpā€¦PM for hint

Rooted it :smiley:

Can I PM somebody for a few questions?
EDIT: Never mind

Sames as others. Got root flag but not root shell. Any nudge on getting shell?

@xtech said:
Just rooted!! and i can only say one thing: the creator of this machine is sooo EVIL

Ohh yesā€¦ ?

Onuma and @3mrgnc3 are evilā€¦ pure evil
Maker, collaborate with @trickster0 please. Iā€™m pretty sure you can create a sexy box for HTB/Vulnhub

@pzylence Already been working on the next one. Its just going through testing right now, but should be ready to submit in a couple of weeks after i get time to write the walkthrough for the HTB mods.

Also, if you enjoyed my work, check out the boxes Iā€™ve already put up on Vunhub.

C0m80, d0not5top & 64base.
:wink: