Poison

Spoiler Removed - Arrexel

So close, can I PM somebody for hints on v*******r? I can connect but whoami is just the unpriv user.

got user access and also learned a lot about service running to get root access but through that service also I am getting user access and not root access.please PM …

Hi, I am struggling with the step after the user.txt and secret. Need some kind soul to help me on the tunneling… Anyone can DM me please?

Edit: Guys, rooted, DM for Hints

ok. Im at that ‘grey screen’ ive seen mentioned. Fix the display settings and im there… Right?
This has been a fun box. Learning loads.

Okey guys, solved it, PM for hints.

Can i have a hint about how to fix the ‘grey screen’ ?

@joe0x5a said:
ok. Im at that ‘grey screen’ ive seen mentioned. Fix the display settings and im there… Right?
This has been a fun box. Learning loads.

If you look at the running processes, there are likely a few instances of that running. Be concerned about the one running on root and how you ‘get’ to that one.

i decoded the .txt using the methods mentioned in this thread and have the user/pass but I can’t ssh with that…should i be able to?

Are you sure you’re using the right user?

@Bear said:
Are you sure you’re using the right user?

Just read people have been changing the password… may need to reset box :frowning:

@Bear said:

@Bear said:
Are you sure you’re using the right user?

Just read people have been changing the password… may need to reset box :frowning:

I just tried and password seems to be ok… if anyone can help with priv esc please pm me though!

@Bear said:
Are you sure you’re using the right user?

I assume its the right user since the username was part of the file I decoded. I had seen the same user in the passwd file. I’ll try a reset and see if that helps.

Yes… finally got root. Was messing up one of the stupid ports in the final command. PM me if you need any hints!

Rooted. I learned a couple of things from this box. First, one of my go-to recon tools doesn’t produce all the output I want on this particular OS so I googled a little and found another tool that provides the right information. Second, how certain services handle credentials (I am simply shocked, shocked I tell you).

I had already in the past spent a long time learning about how to see the light at both ends of the tunnel going in both directions, and I tell you that week was TOTALLY worth it. It has been a lifesaver and a huge timesaver over and over again.

@royc3r said:
i decoded the .txt using the methods mentioned in this thread and have the user/pass but I can’t ssh with that…should i be able to?

Also its Caps sensitive

Is it just me or yesterday this box had vnc service? Today I get only 22, 80. Does that mean that vnc is not important for this challenge or something else happened?

@milosa said:
Is it just me or yesterday this box had vnc service? Today I get only 22, 80. Does that mean that vnc is not important for this challenge or something else happened?

It still has it but you’re looking in the wrong place

good maschine maaan the last bit give me the SH*****TS lol

but got root aget +1 respect those who assisted me should mention name :slight_smile:

I managed to get root but I don’t entirely understand how the process worked, can anyone PM me and explain it to me?