Ypuffy

DM

@flexkid said:

@fjv said:
s*******t will do fine.

Great I’ll try is the hash enough? do i have also modify the h…t file ?

@fjv said:
DM
what is dm ?

This got me a headache, but finally rooted. Special thanks to @kdpbuster for the kindest help

I have managed to find credentials but i have tried tons of things but cant seem to get authentication. Any guidance would be appreciated.

As above - got a feeling I’ve just got my syntax a bit wrong for connecting via “s*****t” - could do with a pointer

Thanks for the machine, learned a few things.

I got something for enumeration. For user, is it neccesary to crack the hash?

I had to take a break from this machine since I started giving myself a massive headache. I have the user.txt flag, and I “know” what I need to do next, however, I just can’t seem to find the exact command for it. Can anyone send me a PM so I can layout everything I did and maybe give me a nudge? Laying down what I did might also trigger something.

Guys any help with ds s******n

Anyone free for a DM on privesc? I know how to run elevated command to generate a specific thing but can’t save it anywhere I can access it… Obviously I’m missing something. I read man pages and still can’t read the necessary file only public

@yariq said:
Guys any help with ds s******n

Stuck at same thing

Hmm, having trouble running the elevated **** s********* command (probably messed up the syntax) and cant read the ** file, always get permission denied. grrr

stuck on pxk thing… it is a different format than classic private id_xsa

i got that :wink:

Hey guys, you know sudo -l, does exist d…s -l? Any hint.

Found ***d config, there’s **rl command, but it returns http 400 :frowning:
am i on a right way?

upd: figured out, got ******B4ckd00r, but can’t find out what to do with it :frowning:

For root in ypuffy, do you need some web stuff? Do…s a is the key? Any hints by pm

rooted after some days spent learning new stuff… thanks to @AuxSarge for making the machine!

What a great box. Learned a ton getting priv esc to root - looking back, it is as straightforward as I thought it was, but I overlooked the simplest things… that’s what made priv esc so clever IMO and great way to learn. Way to go @AuxSarge!

For everyone trying to get root - Just take a breather and continue to enumerate! Man pages are your best friend :slight_smile:

Many thanks to @Skunkfoot and @wilsonnkwan for keeping me on track and ensuring I wasn’t running in circles.

@peacemindlav said:

@dmcxblue said:
Any one can recommend a tool for enumerating ldap or its hashes? Stuck on entry and have no idea if I am following a rabbit hole…
i am also stuck here. Any one please PM me .
Edited* got user

u can use jxplorer to enum ldap