Hint for Waldo

@Skunkfoot said:

@flexkid said:
I have a rb*** with the m***** user and I don’t know how to continue … someone have any hint for me?

Basic Linux Privilege Escalation - g0tmi1k

Find out what rb**** is and how you can get from that to where you want to be.

@felixgmathew said:

@flexkid said:
I have a rb*** with the m***** user and I don’t know how to continue … someone have any hint for me?

Not sure what the privesc here , i ssh’ed as n******

You’re not quite where you need to be yet. You need to focus on finding Waldo before you can do anything else. Be sure to enumerate your home directory fully.

Thank you for the hint when I’ll return at home I’ll take look :slight_smile:

@Skunkfoot said:

@flexkid said:
I have a rb*** with the m***** user and I don’t know how to continue … someone have any hint for me?

Basic Linux Privilege Escalation - g0tmi1k

Find out what rb**** is and how you can get from that to where you want to be.

@felixgmathew said:

@flexkid said:
I have a rb*** with the m***** user and I don’t know how to continue … someone have any hint for me?

Not sure what the privesc here , i ssh’ed as n******

You’re not quite where you need to be yet. You need to focus on finding Waldo before you can do anything else. Be sure to enumerate your home directory fully.

Thanks skunkfoot, I overlooked what was right in front of me

@felixgmathew said:

@Skunkfoot said:

@flexkid said:
I have a rb*** with the m***** user and I don’t know how to continue … someone have any hint for me?

Basic Linux Privilege Escalation - g0tmi1k

Find out what rb**** is and how you can get from that to where you want to be.

@felixgmathew said:

@flexkid said:
I have a rb*** with the m***** user and I don’t know how to continue … someone have any hint for me?

Not sure what the privesc here , i ssh’ed as n******

You’re not quite where you need to be yet. You need to focus on finding Waldo before you can do anything else. Be sure to enumerate your home directory fully.

Thanks skunkfoot, I overlooked what was right in front of me

People always do, myself included

I was able to escape the restricted shell using r**, not sure if *.sh is what I need to be looking into ?

I got M as user and escape rb. Any hint for root?

@ZaphodBB @Skunkfoot Does the privesc involve setcap or getpcaps , I can’t seem to find both on the box ?

PM me

rooted, so much fun!!!

A very useful page for those stucked on initial steps:

@madcap said:
A very useful page for those stucked on initial steps:

prova str_replace on line - PHP string functions - functions-online (italiano)

english?

Just google the function he’s referring you to…

@taytay said:

@madcap said:
A very useful page for those stucked on initial steps:

prova str_replace on line - PHP string functions - functions-online (italiano)

english?

sorry, I didn’t realize wasn’t english…
try this one

@madcap said:

@taytay said:

@madcap said:
A very useful page for those stucked on initial steps:

prova str_replace on line - PHP string functions - functions-online (italiano)

english?

sorry, I didn’t realize wasn’t english…
try this one

PHP Online Function Tester - str_replace

Thank you madcap, i’ll check that out!

Finally rooted! But I somewhat don’t feel satisfied. Yes I’ve learnt many new things and how not to make simple errors. Shout out to @ZaphodBB

@jbob said:
Finally rooted! But I somewhat don’t feel satisfied. Yes I’ve learnt many new things and how not to make simple errors. Shout out to @ZaphodBB and @MasterSplinter for their hints.
For those still stuck. You need to read the threads over and over again! Good Luck!

@Underworld said:
Rooted. Thanks for the hints in this post - they are enough to get you through the box. The only tips I would give would be to read all these posts over and over and to read everything in .ssh folders! Not just some of the files :smiley:

■■■ this little simple hint all i was looking for last 4 hours to find waldo!! :open_mouth: :frowning:

But again i couldnt understand totally… That user is not listed even in that famous file!?!

Well, There are lots of things to learn. I was all playing with file permissions and superv… program and applying all steps for privilege. I hope those steps will be used for being root :disappointed: now moving on root… Not a nice boxxx :astonished: :smiley:

This was a pretty funny box actually. Privesc was frustrating all because I screwed up my paths and made an assumption a certain command was deleted on purpose.

Hey guys! Look likes waldo has a new patch after i got root. It seems harder for me. Regrading to heard new way to do priv esc steps.

rooted… sort of… what would the approach be to atTaCk the system for proper rootshell? I now I just read the root.txt. Could not get the pass to the key and now working on a small piece of lack-of-sun. PM please.

Is there a way to get rooted? Not the way to read the root.txt. PM me , please?