Hint for Sunday

Rooted. What I can say ?

IF you know basic privesc concepts, this box is TRIVIAL

if you don’t, you’ll hit your head against the wall many many times…

Any hints on how to pivot from Su*** to Sa***? Lots of manual and auto enumeration. No luck yet :slight_smile:

Rooted My advice for this box don’t fall into rabbit holes, follow normal manual enumeration methods once you find what you should the rest is simple.

At the last step - I think I know what to do but everytime I try and do it I bork the box. I’ve tried two different approaches. Anyone want to chat about it? I could use a nudge. I’m guessing its my inexperience with this specific OS.

Edit - got it after some help and a nudge from a friend. Happy to pay it forward - PM or netsecfocus (same name) if you need a hint.

Rooted. Really fun box. Thanks to Creators.

Can I PM somebody for the hash to crack (for sa***)? Syntax seems alright but it can’t find anything (using hashcat and rockyou).

EDIT: Tried again and it worked instantly, not sure what the problem was but oh well :smiley:

EDIT1: And root.txt obtained. Perhaps there were more ways to capture the flag using the same tool, if anyone wants to discuss them, PM me.

I’ve found the ports I needed to move on. I managed to login into the box as su****. Can’t read user.txt. I know I miss something. Testing a lot! If someone is in to teach me a little bit, that would be great!

I’ve done it! No help needed anymore!

Need help with sunday. can anyone PM?

Nice box, feel free to pm me

I am logged in but cant read anything. need a little nudge

@elio said:
Can I PM somebody for the hash to crack (for sa***)? Syntax seems alright but it can’t find anything (using hashcat and rockyou).

EDIT: Tried again and it worked instantly, not sure what the problem was but oh well :smiley:

EDIT1: And root.txt obtained. Perhaps there were more ways to capture the flag using the same tool, if anyone wants to discuss them, PM me.

can you help me with the hashcat command
?

can you help me with the hashcat command

Sure, PM me your syntax!

Hi,

Totally stuck on this one. I have found few services and found some possible users enumerating one of this service but those users have nothing to do with the users everybody here is talking about (for exemple sa*** ?).

Moreover, I cannot manage to make hydra working with Sunday : I still receive some errors like “ssh_exchange_identification: Connection closed by remote host”

Any help would be appreciated thanks !

any help on user ?? got users from finger and now blank?

Got Root!! Thanks @Ismail @elio

@montyongoXOR said:
any help on user ?? got users from finger and now blank?

@14NC3107 said:
Hi,

Totally stuck on this one. I have found few services and found some possible users enumerating one of this service but those users have nothing to do with the users everybody here is talking about (for exemple sa*** ?).

Moreover, I cannot manage to make hydra working with Sunday : I still receive some errors like “ssh_exchange_identification: Connection closed by remote host”

Any help would be appreciated thanks !

just guess some most relevant password for this box, its totally in front of you! one of the user will let you in with some easy guess in 2/3 tries.

@montyongoXOR said:
any help on user ?? got users from finger and now blank?

one of the user has the easiest password you can guess relevant to the box, try to login.

This is incredibly embarrassing but can someone PM a hint for user? I have read every single hint, I have a list of valid users. I’ve tired the most obvious or CTF-y passwords possible by hand and through programs. I’m clearly not doing something right…

Thanks

@BlueGh0st said:
This is incredibly embarrassing but can someone PM a hint for user? I have read every single hint, I have a list of valid users. I’ve tired the most obvious or CTF-y passwords possible by hand and through programs. I’m clearly not doing something right…

Thanks

Today is Saturday, maybe try again tomorrow?