@imag1ne said:
1 week out from OSCP retest & would love some privesc pointers, not spoilers
Got O* shell; might understand retartar (grp) but canāt find diff/script talked. found 3 diff files but at a lossā¦
do enumeration steps as taught in oscpā¦
try not to follow advice in the forums. There are many many wrong suggestions in here.
lol, I know right? I actually found a script via enumeration but didnāt realize it, just not sure what to do with it.
My first guess was a local service I enumād, (very OSCP) but couldnāt figure out the password to access.
Completely lostā¦ Iāve done an extensive amount of enumeration and still canāt find the initial foothold. Any help via pm would be greatly appreciated.
Would anyone please PM me about privesc process? Iāve found the script, but canāt write to it. I tried linking the root file in order to break the certain process. Iāve tried a metric ā ā ā ā -ton of stuff and no of it has worked. Any assistance would be appreciated.
EDIT: This box privesc is all about timing. Finally got it.
Curse the day I decided ālooks pretty doableā. Iām in the same boat as @Rayvenhawk and could use some help. Might not survive the night if I canāt get a hint thatās not trolling me.
@dreamhacker said:
Can anyone help me enumerate? I am stuck. Found one web service. I canāt even find second.
Use gobuster or anything other then dirbuster and make sure it runs SLOWLYā¦ I had nothing but false negatives when I tried to use more then 10 threads and no luck using dirbuster no matter what I tried.
This box is a giant troll, will give false negatives and false positives everywhere.
@blobbo said: @dreamhacker said:
Can anyone help me enumerate? I am stuck. Found one web service. I canāt even find second.
Use gobuster or anything other then dirbuster and make sure it runs SLOWLYā¦ I had nothing but false negatives when I tried to use more then 10 threads and no luck using dirbuster no matter what I tried.
This box is a giant troll, will give false negatives and false positives everywhere.
he
Hi, my first post. .
The box is a good one, clever af.
I thought my enum skills were on point till this box. if this box were a briar patch, one of the holes has actually gotta have a rabbit right?
Iām sitting here, with a thoroughly burned down Briar Patch. A good square a dirt with a shitload of holes in it. And a good amount of time blow and smoke down most of them, Iām at a point now where I kind of have indigestion, but I canāt seem to get this burp to work.
After a long day struggling with configuring, Iām wondering if a big healthy belch is really the key to relieving this indigestion? Am i wasting time trying to configure a setup I could be struggling with on another box that itās actually necessary?
Im pulling my hair out at the gurgling in my chest from this one, āX**Pc.ppā it says.
the āā is both a code and how heartburn Sounds, am i on the right track?
i dont know w(t)p is going on with the broken login and the scary thing under the bed seems useless. Im lostā¦
If this double posts im sorry, i tried a minute ago and looks like its on my profile, not the board.
Edited from stuck earlier to now stuck at privsec to root. If anyone wants to discuss solutions or just give me a nudge Iām open to that. I think I know what the vulnerability is.
Iām in the same position as many othersā¦got admin access to one web platform where I cant find a way to get a rev shell back. Also found the login for another platform which has some strange redirects in place - cant seem to crack the login there. Hints via PM would be appreciated thanks!
Finally got root. @3mrgnc3 is, I must say, a complete savage. P.S. savage is not a hint for either stage, but I wouldnāt blame anyone for grasping at straws.
I logged into the 1 service found but canāt upload any file got to know the that we can edit only 1 file but couldnāt call it please help for initial shellā¦