Carrier

Finally rooted :slight_smile: It took a while mostly because it was really hard to figure stuff out with routes constantly changing, people messing with b** etc. But it was a great challenge anyway, I feel really proud of myself :smiley: Thanks @snowscan!

ok can i ask for some help with the reverse shell, i will explain in PM where i am at so as to now ruin it for anyone, or “repeating” what others are saying…

@RPSUK said:
ok can i ask for some help with the reverse shell, i will explain in PM where i am at so as to now ruin it for anyone, or “repeating” what others are saying…

PM me

done

guys i understand everybody is here to learn, but i think before doing this box you should study a bit linux networking configuration. i mean don’t pretend in pvt i explain you even how to add an ip to an eth. just google it. if you just run cmds without understand what they do well… good luck.

@0xlc said:
guys i understand everybody is here to learn, but i think before doing this box you should study a bit linux networking configuration. i mean don’t pretend in pvt i explain you even how to add an ip to an eth. just google it. if you just run cmds without understand what they do well… good luck.

I see what you did there…

Kinda need some help, I can’t find the number I’m looking for… PM me if you want to help me out :stuck_out_tongue:

Spoiler Removed - Arrexel

@missionstarted said:
Spoiler Removed - Arrexel

Think “common misconfiguration”

@missionstarted said:
Spoiler Removed - Arrexel

Check the meaning of error codes

If anyone has any recommendations for reading material to pass commands for RCE - much appreciated - struggling with B**p.

@jamesa @T0ha Thanks, Btw Got the user flag, now heading towards root.

@InfoSecGuy23 said:
If anyone has any recommendations for reading material to pass commands for RCE - much appreciated - struggling with B**p.

https://www.owasp.org/index.php/Testing_for_Command_Injection_(OTG-INPVAL-013)

but before you need to figure out how add this to that parameter…

Got Carrier… MAN that PRIV ESC was CRAZY…

people stay f****** this box but got no route and must reset it
if every body do as me no one can work with this box
i work for priv esc and i had the brain fu*****ed and when found something the box is reseted and i still stuck for the priv esc i turn in round
if any body have an idea for help me plz pm me

Any clues??
Am I in right Path… #Just_Started_@carrier_hackthebox

@jowinchemban said:
Penetration Testing of an FTP Server | by Shahmeer Amir | Shahmeer Amir

Any clues??
Am I in right Path… #Just_Started_@carrier_hackthebox

PORT STATE SERVICE
21/tcp filtered ftp
22/tcp open ssh

Whats with the extra se******ta.**t file in the end ? The one with the root flag ?

That box is crazy, a good brainfuck in the head to root that thing, really enjoyable and that box helped me a lot with an other one, and learned a lot of new techniques, thanks ?
Also that secret flag, personnaly I don’t care I’m just happy to can stay my finger away from that box (but seems interesting :p)

Got the shell on this box. Struggling to get the root… since already root. How to get out of that ?