Okey, gonna put a great hint here and try not to give spoiler on the root.txt.
Once you are in, you need to modify a file which allows you to run command as root. When I did it that time, I used to for transport rather than escalation. For some who has been asking whether to have a full escalation, technically it is possible. Think venom… and reverse…
I didn’t go that step because I just wanted to capture the root flag, so I cut short the process.
c4u53
July 31, 2018, 7:42am
297
Any hints about the prev esc ?
@Klamby said:
Rooted - interested to know what other methods exist though.
If you have the root flag, check this (password protected)
@c4u53 said:
Any hints about the prev esc ?
Check the content in the log folder to detect interesting way
OTG
July 31, 2018, 12:16pm
300
I keep getting “invalid username type” error. Having trouble adding the username to the code. Can someone please help me with this?
OTG
July 31, 2018, 12:23pm
302
@SimVirus said:
@OTG said:
I keep getting “invalid username type” error. Having trouble adding the username to the code. Can someone please help me with this?
ignore it… and continue…
But I am not getting a shell… ¯_(ツ)_/¯
Got the shell thank you SimVirus for help. My listener command was wrong. It is always something stupid with these boxes…
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: text/html; charset=utf-8
Content-Length: 41
ETag: W/“29-mT0hiiE62mfFMAIMRMkQ7Q6tVaM”
Date: Tue, 31 Jul 2018 13:24:37 GMT
Connection: close
An error occurred…invalid username type
any one help every time i send the payload i am getting this any advise
@OTG said:
@SimVirus said:
@OTG said:
I keep getting “invalid username type” error. Having trouble adding the username to the code. Can someone please help me with this?
ignore it… and continue…
But I am not getting a shell… ¯_(ツ)_/¯
Try until you receive a “OK 200” (and not Error 500)
@laylow said:
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: text/html; charset=utf-8
Content-Length: 41
ETag: W/“29-mT0hiiE62mfFMAIMRMkQ7Q6tVaM”
Date: Tue, 31 Jul 2018 13:24:37 GMT
Connection: close
An error occurred…invalid username type
any one help every time i send the payload i am getting this any advise
It’s ok… ignore the error… (but check the payload)
tobmes
July 31, 2018, 2:55pm
306
HI,
can anyone give me a nudge becomming root
thanks
@tobmes said:
HI,
can anyone give me a nudge becomming root
thanks
please read the previous page!
@SimVirus said:
@laylow said:
HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: text/html; charset=utf-8
Content-Length: 41
ETag: W/“29-mT0hiiE62mfFMAIMRMkQ7Q6tVaM”
Date: Tue, 31 Jul 2018 13:24:37 GMT
Connection: close
An error occurred…invalid username type
any one help every time i send the payload i am getting this any advise
It’s ok… ignore the error… (but check the payload)
thanks Simvirus ill try once i get back home from work lol
tobmes
August 1, 2018, 8:37am
310
is there a password requiered to become root access?
Maglok
August 1, 2018, 10:17am
312
I got user a while ago and am trying to get root. I have a few attack vectors in mind, but I keep getting booted off the system (the instability). If anyone can confirm if any of them are the right direction in a PM I would appreciate it.
so i have created my payload and i send it but i just can’t open shell what am i doing wrong i went threw again and again but am still not getting in session i think my payload is ok too
nvm got shell listener had issue. but it working now
finally, I got root. PM if you need some help.