Should i use d****l to log in to ssh?
Really having trouble dealing with this enc file, could someone PM me for a push in the right direction? I think I have the right tool but I’m having trouble actually getting any usable output.
test
I cant own user. Any hint pls
Can someone please PM me a hint for priv esc from W******* to D*****? I have ran LinEnum and literally cat-ted every conf type file but still couldn’t find anything juicy.
Been stuck on it since few days.
Any help will be appreciated
I am having the same problem with privesc… I thought I would be able to get into this one the same way as poison but I can’t seem to get root when i connect(probably have an incorrect setting somewhere). I have user.txt, got user login, and found that other login page but can’t seem to do anything with it.
Anyone want to PM some advice?
Edit:
Oh man, this was a fun box. Very similar to poison in how to solve it but the whole process from start to finish was great. PM if you need any help!
Thanks @gm0
Just rooted this box and I am so pleased!
Learned quite a lot from this, it is definitely one of the better boxes I have done.
As somebody said on one of the DevOps threads - ::rootdance::
Thanks @mrh4sh
Spoiler Removed - Arrexel
Is it normal if I can find the enc file in the F** service? do I need to work on drupal first?
EDIT:
Nvm found it.
@mcruz said:
Hi any hint on privesc to daniel please.
Look harder. Bad password policy. cat and grep are your friends.
@impetuousdanny said:
@mcruz said:
Hi any hint on privesc to daniel please.Look harder. Bad password policy. cat and grep are your friends.
Thanks
I’m already drinking H2O on my localhost but I can’t find the credentials to exploit it ugh
@usmcreptar said:
I’m already drinking H2O on my localhost but I can’t find the credentials to exploit it ugh
Im right there as well… tried all the creds I currently know with no luck
ok i got it. after a reset it logged right in. somebody must have fuxed with something a locked us out
@Djinn45SQL99 said:
ok i got it. after a reset it logged right in. somebody must have fuxed with something a locked us out
still can’t login with one of the previous credentials
@usmcreptar said:
still can’t login with one of the previous credentials
There’s something you can do from there that doesn’t require logging in, I was hitting my head against the wall there a while too
Rooted special thanks to armatank for his great help. This box was a drupal four a hawk, for real pay attention to what i’ve just said, that’s the real hint folks.
Got the root flag, if anyone needs help send me a message.
I am still working on the .enc file. I already digest the file but I for some reason can not brute force it. (Been stuck for 3+ days )
Do I need the file to log in or am I approaching this a wrong direction?
What is this .enc file you guys are talking about? I have scanned every port and have gone through some of the directories, but I cannot find any file.