Finished root on this one, finally. Learned a ton. The rabbit holes actually taught me a lot. Can’t be mad at that. Hopefully I won’t give any spoilers below, but I believe this is all just re-stating what is listed previously in the thread. (edit- ) Oh and feel free to PM me.
For those stuck on RCE - do not waste too much energy trying to go way up or down the directory structure. There’s good stuff close by.
Mind your syntax, very very closely. Don’t just try to run stuff directly from a cheat sheet. Consider alternate ways of achieving the same desired result.
For priv esc - I recommend taking the time to solve all the challenges. Maybe it is not required? But it’s not too taxing and will be very very helpful on other machines. After that, consider perms, privs on what you have access to already. How can you use this? Use your power in the right place, mind your syntax. Watch your paths.
Will like to thank @itsnemesis for helping out, I appreciate his help and his patience, was getting the syntax wrongly which took me hours before he helped out, guessing probably he might have been mad at me at some point so being a dummy, thanks @itsnemesis , probably might not have solved it earlier without your help
And to those that have lots of details make sure to check your syntax well, that shii really slowed me down and also don’t forget most people reuse login details else where and to get root access try look at each file you find on the server closely u might see something interesting
@itsnemesis said:
Finished root on this one, finally. Learned a ton. The rabbit holes actually taught me a lot. Can’t be mad at that. Hopefully I won’t give any spoilers below, but I believe this is all just re-stating what is listed previously in the thread. (edit- ) Oh and feel free to PM me.
For those stuck on RCE - do not waste too much energy trying to go way up or down the directory structure. There’s good stuff close by.
Mind your syntax, very very closely. Don’t just try to run stuff directly from a cheat sheet. Consider alternate ways of achieving the same desired result.
For priv esc - I recommend taking the time to solve all the challenges. Maybe it is not required? But it’s not too taxing and will be very very helpful on other machines. After that, consider perms, privs on what you have access to already. How can you use this? Use your power in the right place, mind your syntax. Watch your paths.
No problem @Afolic ! Haha never mad with you, you did great! Syntax was a pain on this one.
@sckull That’s quick progress. If you solved the challenges, that’s great cracking practice, but consider what you might be able to do if those challenges don’t lead anywhere. I can PM a little more detailed hint, but don’t want to ruin for others.
@itsnemesis said:
Finished root on this one, finally. Learned a ton. The rabbit holes actually taught me a lot. Can’t be mad at that. Hopefully I won’t give any spoilers below, but I believe this is all just re-stating what is listed previously in the thread. (edit- ) Oh and feel free to PM me.
For those stuck on RCE - do not waste too much energy trying to go way up or down the directory structure. There’s good stuff close by.
Mind your syntax, very very closely. Don’t just try to run stuff directly from a cheat sheet. Consider alternate ways of achieving the same desired result.
For priv esc - I recommend taking the time to solve all the challenges. Maybe it is not required? But it’s not too taxing and will be very very helpful on other machines. After that, consider perms, privs on what you have access to already. How can you use this? Use your power in the right place, mind your syntax. Watch your paths.
I solved the challenges but didn’t work :d
same here , it is really bad that in-spite of solving 4th question you get permission denied error. Now back to priv enscalation
stuck on doing RCE…i have been finding, for 4 days, somehow to get access to the machine…so far downloaded a file and found the login page…and nothing else so far…please help me somebody…
This turned out to be a fun box with playing with the RCE and also the way you Priv Esc was something I could see someone IRL doing…
Hints:
RCE → Burp is your friend and the rest you need bas really been posted here a lot, especially early on.
Priv Esc → See what you have where you are and you wont need to go far. Google is your friend (again, I think others posted this in the forum as well )
Need a slight nudge on this - got RCE - able to look around, got the 3 x credentials
Looked at all services running, Aware of a user beginning with R
Without giving to much away - Presumable we would be looking at a “sequel” to this box to get access
Presuming im on the right path, it has to be either the syntax im using or there is a diffrent script for RCE as what im using doesnt seem to like the commands im issuing to conect to the service
Hi all ! Need some help with this box: I am able to run RCE , got the needed credentials for the specific service that allows access to it , got the right syntax to execute the commands , but i cannot find anything useful once i get logged in that specific service . I mean , there are 2 things inside the service , but only one of them allows listing . The other one seems empty. Was it supposed to be like that ?
EDIT: find a way to to the RCE, found 3 pair of credentials, now stuck again. Any hints?
I guess I have to login into an exposed service, but all the credentials I’ve found don’t work