Reel

ugh when you have the right idea and struggle to remember a fundamental requirement for it to become effective for over a day.

Was fun though :smiley:

Finally done, learned so much from this box as I usually do more linux boxes. Congrats and thanks to @egre55 for this box !

No box has challenged me as much as this one. So much learnt, and so much fun! The best box I’ve done so far. Thanks @egre55 great work.

Cheers guys & well done! Happy you learned from it :slight_smile:

So I’ve hit a bit of a wall on this one. I’ve managed to make it a ways in until I had control over the b***********s object, but it doesn’t seem that one actually controls anything/has any real permissions. At least not that I can see. Is that object useful, or did I go down the wrong path?

hey ! i am stuck on this one
don’t know where to go can any one please give me any hint?
i have the readme file. maybe have to m*** r**
you can PM

Wow! @egre55 you created an Awesome machine! This was one of the most frustrating ones I have done so far but the most rewarding as it taught me a lot about some tools I have wanted to dig into further! I would say this would be similar to a real world scenario…

Glad this one is done :-)!

Spoiler Removed - Arrexel

I have got the user but stuck with priv esc. Any strong hint on decrypting xml file?

Or am I heading in wrong direction?

Kindly PM me.

@dodo said:
Hi!
I’m having some problems to privesc from tom, I saw the csv with all groups using the bloodhound aggregator but I dunno how to use those informations…

Same here, I think I know what the next step is, but all ways I’ve tried so far resulted in permission error. Is there anyone I can send a PM to confirm I’m on the right track?

I’m also working to privesc from Spoiler Removed - Arrexel… With the info in the CSV should be enough to figure out the next steps? or we need to get more info for the tool to work?

Getting the use is fun part. but now I’m stuck at the root.

any hints guys?

I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

@dodo said:
I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

Happy to help feel free to DM me.

Got initial shell, I think I know more or less where I should go but no luck. Any hint please ?

@dodo said:
I managed to privesc from tom to ****** using the *****view to enable some commands and modify a property for the ****** user as tom.

But now I’m stuck…again :disappointed: :smiley:

Thanks! I was trying to do the same but with other tools. I used *****view and it worked :dizzy:

Hi,
Could anyone PM me a foothold about this box? I found few ports open, and I tried to exploit these ports by using metaxxxx but I was failed, and also tried some other exploits about these ports, but also failed. Then, I have no idea what I need to do…

Thank you.

Hmm, I’ve enumerated and have read some files and I am now researching what I see. Is this box attackable from Kali or do you need to be on a Windows machine? (PM would be helpful)

@LegendarySpork not necessary to be on a Windows machine, with Kali you can do everything you need.

.