Hint for Sunday

Spoiler Removed - Arrexel

This was an awesome box. Learned a lot. Took me the longest to get user, root was done in 15 min (without editing any files). One of the more original boxes!

rooted any one need help can pm me

Got root…

The idea is good, but the box is extremely broken, the lag was so annoying that it literally ruined the experience… Took me a lot longer to do something that I could have done in 30 minutes. Fun learning experience tho

Also, has anyone actually gotten the entire system, or are we just able to obtain the root.txt file?

Please pm me :slight_smile:

EDIT: checked the pdf writeups, got my answer
You can obtain a root shell pretty easily, but getting root.txt is just fine.

I am stuck with the service. Can anyone help?

What a box. I’m happy to say I’ve finally got root on this. It was a pain at times having to wait for hanging shells etc., but a good box nonetheless.

I keep receiving this error, even if the port is open:

10.10.10.76: RPC: Port mapper failure - Authentication error

is it a problem of mine or the server is intended to reject the client’s calls ?

@TheInnocent said:
I keep receiving this error, even if the port is open:

10.10.10.76: RPC: Port mapper failure - Authentication error

is it a problem of mine or the server is intended to reject the client’s calls ?

I have exactly the same problem …
Any hints how to solve it ?

@git83 said:

@TheInnocent said:
I keep receiving this error, even if the port is open:

10.10.10.76: RPC: Port mapper failure - Authentication error

is it a problem of mine or the server is intended to reject the client’s calls ?

I have exactly the same problem …
Any hints how to solve it ?

I hope this is an issue, because I can’t find anything without it, it seems… im sure there is something stupid to fix it

Sunday privilege escalation techniques is very good.you will have to use wget techniques to have root access.Its can’t be found on Google.

rooted any hints PM or hit me up at netsecfocus @lilocruz, im glad to help.

Rooted. What I can say ?

IF you know basic privesc concepts, this box is TRIVIAL

if you don’t, you’ll hit your head against the wall many many times…

Any hints on how to pivot from Su*** to Sa***? Lots of manual and auto enumeration. No luck yet :slight_smile:

Rooted My advice for this box don’t fall into rabbit holes, follow normal manual enumeration methods once you find what you should the rest is simple.

At the last step - I think I know what to do but everytime I try and do it I bork the box. I’ve tried two different approaches. Anyone want to chat about it? I could use a nudge. I’m guessing its my inexperience with this specific OS.

Edit - got it after some help and a nudge from a friend. Happy to pay it forward - PM or netsecfocus (same name) if you need a hint.

Rooted. Really fun box. Thanks to Creators.

Can I PM somebody for the hash to crack (for sa***)? Syntax seems alright but it can’t find anything (using hashcat and rockyou).

EDIT: Tried again and it worked instantly, not sure what the problem was but oh well :smiley:

EDIT1: And root.txt obtained. Perhaps there were more ways to capture the flag using the same tool, if anyone wants to discuss them, PM me.

I’ve found the ports I needed to move on. I managed to login into the box as su****. Can’t read user.txt. I know I miss something. Testing a lot! If someone is in to teach me a little bit, that would be great!

I’ve done it! No help needed anymore!