Valentine

Got Ro0t ! ! Thanks to Mr Blackhat , soloxdead for guiding me in the right direction.

Got user. If you need help send me a PM.

I got root a few days ago. Once I had user and fought the dodgy connection it was a piece of cake. PM if anyone needs help.

Got root. If you need help send me a PM.

Got user and root.
Don’t let the python script fool you.Search the exact vulnerabilty in google to exploit it with msf, it will be enough.
And dir’s are important.Really.
Pm.If you need help send me a pm

Still trying to get user… I’ve exploited the server about 30 times with msf and still nada. A helpful individual sent me what I “should” be finding but my question is why am I not seeing it my dumps, even though he is? Someone said 8/10 of the dumps he did had this phrase in it. Am I doing something wrong?

Alright… finally got user and root for this. My tip is if you’ve run the “exploit” like 30 times and you haven’t seen the text, reset the machine… pm me if you need any help with this one.

I am stuck at getting user login. I got the key and I have exploited the machine a lot of times with the bl33ding exploit. But I am getting nothing to go further. I got a md5 hash but that seems to be useless.

Any idea on how to get passphrase for the user.

@AdmiralGaust said:
I am stuck at getting user login. I got the key and I have exploited the machine a lot of times with the bl33ding exploit. But I am getting nothing to go further. I got a md5 hash but that seems to be useless.

Any idea on how to get passphrase for the user.

PM for small hint (not for full ans)

Rooted! Thx bro @r00tn0b0dy

I got user and root. PM if need some hints.

I believe i got something that looks like a hash and did find the _key file, however I am confused how to convert the file into an actual useable private key fior ssh.

@MrBlackHat said:

@AdmiralGaust said:
I am stuck at getting user login. I got the key and I have exploited the machine a lot of times with the bl33ding exploit. But I am getting nothing to go further. I got a md5 hash but that seems to be useless.

Any idea on how to get passphrase for the user.

PM for small hint (not for full ans)

got the user after resetting the box…thanks

@AdmiralGaust said:

@MrBlackHat said:

@AdmiralGaust said:
I am stuck at getting user login. I got the key and I have exploited the machine a lot of times with the bl33ding exploit. But I am getting nothing to go further. I got a md5 hash but that seems to be useless.

Any idea on how to get passphrase for the user.

PM for small hint (not for full ans)

got the user after resetting the box…thanks

Welcome buddy

Oh man this was an awesome box. Learned some seriously cool things. Root didn’t take as long as I thought, though crashing the machine makes it tricky. :slight_smile: If anyone needs a nudge I am open for hints.

Pulling my hair out on this one. I figured everything out up until the “dumping” part and I cannot for the life of me figure out what I’m looking for. Anything I think is interesting ends up decoding into garbage. I don’t know if this dump is just luck of the draw when finding the proper thing, or if maybe I need to reset the box.

I’m struggling to recover the key. Any hint to what format it is in? Just getting junk data.

I am struggling to find something usable. I did a portscan and fund 22 / 80 / 443 open… 22 ssh will be the door but at 80 or 443 must be a hint for the key…but at 443 I get nothing back…and at port 80 it is a jpg named ■■■…what tells me nothing…so can somebody tell me where is my error…because this has to be a layer 8 problem…

If somebody can give me a hint to get into the game, please PM me

thx

That feel when you get user finally 2 minutes after Valentine is retired…I carried on and got root anyway just to get it over with. No points but I still popped this thing. Basically me right now:

Edit 12:18 - Priv esc without exploit is the easiest thing ever. Remember your priv esc 101, google a “checklist” or a “cheat sheet” to remind you of what commands to run. The “proper” priv esc is even easier than the exploit. Too bad I was too late to get points.

Hi, I have the username (I think), the passphrase and the private key, but I cannot understand how to get in. When I try to use the key I get this error:

Load key *** invalid format

I think that I am missing something, could you help me?