@Fenrir said:
hi,
just got root, but without the ssh-tunnel hint i wouldn’t be able to do it.
so i wonder if there are any indications, that root is using the ssh-tunnel, or was it just guessing?
Feel free to pm me
Check the parameters of the service you used to get into root, one in particular will tell you exactly why you had to do what you did.
@n3tl0kr said:
So, user was flat enough…I do see something very interesting running on this box and i have a fairly good idea of the inner working using ****** over ***** tunnels but fcrackzip is going on a few hours and no dice for the secret.zip file. I thought maybe a bogus extension or something but to short to be a key? Any very gentle nudges?
If you have already identified an interesting process you might want to read its man page, you could find something useful in there
If you have already identified an interesting process you might want to read its man page, you could find something useful in there
I’ve already walked 10 miles since this comment but I’m stuck in a new place. After a ridiculous problem, i realized that what I was doing was completely in folly. I extracted contents from said zip file, realized that it was a ********, also realized that the remote host is hosting a process that confirms my suspicion. Now im playing with command line options because while im not returning a login error, im not necessarily returning a login success either.
For some strange reason, last time i was able to download the secret.zip, and now when i scan i dont get that port nor the place where i downloaded the zip file. Even nmap scan with filters related to **c and **h are showing just two ports opened one is ssh and second is http. Its been two days brrr keep thinking at sleep what went wrong and where
Could anyone PM me to possibly help? I have “connected another way” after owning the user, but only get a blank screen and no way to really interact… i think i’m close but if someone would be willing to PM me for a hint it would be really appreciated. Still trying to learn
@wyliebsd said:
Could anyone PM me to possibly help? I have “connected another way” after owning the user, but only get a blank screen and no way to really interact… i think i’m close but if someone would be willing to PM me for a hint it would be really appreciated. Still trying to learn
try to use the secret file when connecting to that service
@gregX01 said:
Is secret important on the connection, how do i use it if its important, please pm hints
It is, you need that file. Here’s your hint: examine all the running processes owned by root, look for the ones that you can “hook on to” in order to become root. Read the man pages to all the processes that can give you this opportunity, and you’ll understand what that file is for.
Hello everyone, this is my first post.
I’ve already been able to access the box, extract the .zip file. But I do not know how to become root = (
I listed the services that are running but with no ideas how to explore
@wyliebsd said:
Could anyone PM me to possibly help? I have “connected another way” after owning the user, but only get a blank screen and no way to really interact… i think i’m close but if someone would be willing to PM me for a hint it would be really appreciated. Still trying to learn
Alright. I have User access, got the secret.zip, unzipped it. I found the service, access it, working. All I need is to decode the content of secret.zip. I know I’m really close, but can someone PM me with what algo this file has been encoded with?? I’m pretty sure I got it, but keep getting authentication failed…
@berthaz said:
Alright. I have User access, got the secret.zip, unzipped it. I found the service, access it, working. All I need is to decode the content of secret.zip. I know I’m really close, but can someone PM me with what algo this file has been encoded with?? I’m pretty sure I got it, but keep getting authentication failed…
Don’t have to decode it, just think a way to use the unzipped file.
i finally got it , but there was somthing bizzar , some time the commande work , sometimes i got " unable to connect to socket: connection refused (111) and the message " packet_write_wait : connetion to x on port y : Broken pipe ! is there a spicific time to establish the connexions ?