Hint for Sunday

Fun box. If you are trying to modify some critical file, please consider that another people is not privesc, and you maybe are closing doors.

Hello guys , someone can help me please? i ennumerated 4 services and when i tried to connect ssh i have this error: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 i cant found the parameter to connect…

Someone can help me?

How i can get the password?

root :slight_smile: thank you all

I have a general question, how the people knows the name of the user.txt file or root.txt file? there is a documentation of this box? because i cant find it , a document or PDF or something where i can read the problem or the name of the flags… How the people knows how to find the file and the name of the file?

Takao

For user

Type below the hash that is inside the user.txt file in the machine. The file can be found under /home/{username} on Linux machines and at the Desktop of the user on Windows.

For root
Type below the hash that is inside the root.txt file in the machine. The file can be found under /root on Linux machines and at the Desktop of the Administrator on Windows.

Solaris is like a unix, soo…

Is ssh port the key? I cannot find a port in order to connect, all ports that i see are finger and rpc. So, i can enumerate. Are there another hidden port? How can i find another port? Something to read?

@9999volts said:
Is ssh port the key? I cannot find a port in order to connect, all ports that i see are finger and rpc. So, i can enumerate. Are there another hidden port? How can i find another port? Something to read?

enumerate and re enumerate all ports, you can use -p- in nmap to scan all ports in the host

@otaman said:

@9999volts said:
Is ssh port the key? I cannot find a port in order to connect, all ports that i see are finger and rpc. So, i can enumerate. Are there another hidden port? How can i find another port? Something to read?

enumerate and re enumerate all ports, you can use -p- in nmap to scan all ports in the host

Yeah but I was given that advice as well and my nmaps never finished, I had to ask someone else to get me the port list

any hint for the user.txt ? i opened it and i try cracked it or use for login and it doesnt work…

Hey All, I have been trying to do Nmap scan of Sunday but scans are taking too long. Is this normal or the machine is unstable?

@Draco123 said:
Hey All, I have been trying to do Nmap scan of Sunday but scans are taking too long. Is this normal or the machine is unstable?

is a little normal

My nmap scan is taking too long. I just read past comments and see that many have faced this issue. Is someone willing to inbox me the whole port scan output?

Finally got root!!! Man that was a mind f#ck!!

You don’t need to modify ANY files and it really screws up other users when you do.

I need some hint for next phase. I have names of users and have used f****r in all possible ways to enumerate. Can someone please pm me as to how should I Login. Please Inbox me.

@Draco123 said:
I need some hint for next phase. I have names of users and have used f****r in all possible ways to enumerate. Can someone please pm me as to how should I Login. Please Inbox me.

Hint : whats the name of this box.

Finally got the root flag. After spending a whole day I have to admit that this was an interessting box. I can confirm that it is not necessary to modify any files of the box.

Hey, guys. Ssh port in the machine is? I scan, scan, rescan, and i dont find it… A hint by pm please. I found another unknown ports, but how can discover services on those ports… They dont react to ssh connection.

Is the SSH connection terrible or is it just me? I can barely type

Hello, I am pretty new to this, I’ve followed a few of ippsec’s videos for retired machines and Jerry was the first active machine I managed to pwn without using a walkthrough. Having some trouble with Sunday though.

I ran nmap and found 2 open ports but haven’t found a way to gain access to the machine using those ports. I enumerated the users using one of the ports but don’t know how to proceed. I am currently running nmap on every single port (tcp&udp) on the machine but as expected it is taking quite some time.

Am I going in the right direction or am I wasting my time? Are there still ports that weren’t found with my initial scan? I realize now that enumerating the udp ports might be useless but I don’t want to restart the scan.