Stratosphere

i don’t find the file. It must be in /home/“user” ?

I could use a nudge. I have several creds from enumerating and know who the user is not the password yet though. I have been trying to use the creds against the running service, but through RCE I get access denied and timeouts from trying to run it on my machine. An article or anything would be great.

Rooted if you need help PM me.

Got user, it was one ■■■■ of an effort to get user, but satisfying.
Now on to the puzzle, I got first 3 questions decoded, not able to get the 4th one decoded, any help is appreciated.

I solved the 4th, but it’s usseless.

Rooted. If anyone needs a nudge pm me.

Good day guys, I got RCE and I can see bunch of files and directory, even got the manager directory username and password but the details ain’t working when u try logging, any hint on what to look out for??, I have searched everywhere in the server but nothing useful

I could use a nudge as well. In same spot as above post

I am completely stuck at this point. Running endless commands with my RCE without being able to get user.txt or progress to user or root logged in access. I have read tons of files on the machine. Not sure what I am missing. I found creds for web app but cannot login to it for whatever reason. Considered ssh, but no luck. Help?

PM me if anyone needs a nudge. Root was a bit trickier than people make it seem

@itsnemesis we in the same shoe

Ok I have a total of 3 creds at this point, but so far cannot find a way to use any. creds for web app do not seem to work and creds for db seem to work, but with my limited environment, cannot connect? I get timeouts

If someone wants to give me a nudge, I have been able to authenticate to a service with one of the creds I found, but I still do not have user.txt. please PM if you wouldn’t mind helping out

Any nudge on how to authenticate a service ?

Using RCE, with correct authentication request it was not responding, on incorrect one its response with error.

Ok I’ve got user, attempting to priv esc. Found file with perms and trying to use a trick to get success… but not sure how to redirect call to get there. i thought i had it, but still got access denied. could someone PM me for final step to root?

Okay, guys finally conquered user, any hint on priv esc?

Can anyone PM me on getting an RCE to run correctly? I have tried so many things and am getting pretty angry that I can’t get anything to run or get any foothold on this box. +resp if you can give actual tips besides “lel enumerate more”

Finished root on this one, finally. Learned a ton. The rabbit holes actually taught me a lot. Can’t be mad at that. Hopefully I won’t give any spoilers below, but I believe this is all just re-stating what is listed previously in the thread. (edit- ) Oh and feel free to PM me.

For those stuck on RCE - do not waste too much energy trying to go way up or down the directory structure. There’s good stuff close by.
Mind your syntax, very very closely. Don’t just try to run stuff directly from a cheat sheet. Consider alternate ways of achieving the same desired result.

For priv esc - I recommend taking the time to solve all the challenges. Maybe it is not required? But it’s not too taxing and will be very very helpful on other machines. After that, consider perms, privs on what you have access to already. How can you use this? Use your power in the right place, mind your syntax. Watch your paths.

I’m searching about the RCE, but not work for me or i’m in the wrong way?
I’m using PUT file …
I need some help :d

Will like to thank @itsnemesis for helping out, I appreciate his help and his patience, was getting the syntax wrongly which took me hours before he helped out, guessing probably he might have been mad at me at some point so being a dummy, thanks @itsnemesis , probably might not have solved it earlier without your help