Access

@agonx00 said:

@tolg4yan said:
Guys, I have no idea where to start for this machine. Any hints would be helpful.

look at your nmap scan there are not many services that can confuse you, try the most obvious ones

I found tel— and f-- do I have to proceed with brute-force? in f-- I can access in an----- but I can do it nothing, do you have any hint? thanks

@flexkid said:

@agonx00 said:

@tolg4yan said:
Guys, I have no idea where to start for this machine. Any hints would be helpful.

look at your nmap scan there are not many services that can confuse you, try the most obvious ones

I found tel— and f-- do I have to proceed with brute-force? in f-- I can access in an----- but I can do it nothing, do you have any hint? thanks

ther are only a couple files you can access in f–… use one to access the other

@n0bf said:
I found that using a common Linux tool s****** worked to let me read it enough that I could find a password that worked for the zip, but now I’m stuck at trying to read the file that was zipped up. I’m assuming I’m on the right track?

This is the best hint ever, for some reason using the proper program I just got lost but using that “tool” I found said password very quickly.

If you’re still stuck there is a tool to read the file you got on linux, just google the extension and linux.

Now I’m seriously stuck on root… I can see a certain thing stored what is needed but can’t make my commands use it… I swear I’m missing something obvious here.

Any hint for privesc? Is the mdb file I see after login (not the one on Fxx) relevant?

Edit: NVM, just realized the 2 files are the same :@

Got system but can’t type root.txt… Did it happen to anyone else? Is there more to do? a bit lost here… If someone can pm me that’ll be great

EDIT:

Nevermind. Seems to be working fine now.

@7431i0n said:
Got system but can’t type root.txt… Did it happen to anyone else? Is there more to do? a bit lost here… If someone can pm me that’ll be great

it’s normal.

For people who have done this box: Is it intentional that root.txt can’t be read by administrator on this box?

@jreeves said:

@flexkid said:

@agonx00 said:

@tolg4yan said:
Guys, I have no idea where to start for this machine. Any hints would be helpful.

look at your nmap scan there are not many services that can confuse you, try the most obvious ones

I found tel— and f-- do I have to proceed with brute-force? in f-- I can access in an----- but I can do it nothing, do you have any hint? thanks

ther are only a couple files you can access in f–… use one to access the other

thanks i found the b… > @blobbo said:

@n0bf said:
I found that using a common Linux tool s****** worked to let me read it enough that I could find a password that worked for the zip, but now I’m stuck at trying to read the file that was zipped up. I’m assuming I’m on the right track?

This is the best hint ever, for some reason using the proper program I just got lost but using that “tool” I found said password very quickly.

If you’re still stuck there is a tool to read the file you got on linux, just google the extension and linux.

Now I’m seriously stuck on root… I can see a certain thing stored what is needed but can’t make my commands use it… I swear I’m missing something obvious here.

How did you convert the file ?

I didn’t in the end… There’s a much simpler way to privesc - but I can’t read the file root.txt (even when I log in as admin).

Edit: I think that I got what I need to do…

@blobbo said:
I didn’t in the end… There’s a much simpler way to privesc - but I can’t read the file root.txt (even when I log in as admin).

A bunch of people have been running into this, I’m curious to see how to get around it when I finally get to that point. What does icacls root.txt show for permissions?

@jreeves said:

@flexkid said:

@agonx00 said:

@tolg4yan said:
Guys, I have no idea where to start for this machine. Any hints would be helpful.

look at your nmap scan there are not many services that can confuse you, try the most obvious ones

I found tel— and f-- do I have to proceed with brute-force? in f-- I can access in an----- but I can do it nothing, do you have any hint? thanks

ther are only a couple files you can access in f–… use one to access the other

Thanks

Any hint on Priv Esc. I created one file but not working :astonished: . Please any one DM

@Skunkfoot said:

@blobbo said:
I didn’t in the end… There’s a much simpler way to privesc - but I can’t read the file root.txt (even when I log in as admin).

A bunch of people have been running into this, I’m curious to see how to get around it when I finally get to that point. What does icacls root.txt show for permissions?

That’s not the problem, figured out the file is a bit… “locked up”… I can’t unlock it. Apparently admin should be able to but I had no luck.

Very good box thank you ! @egre55

r00ted. Edit: not sure my way is intended

anyone got some tips on the initial 2 files? I know you have to analysze one, but one seems locked and one segfaults while analysis…

@jownz said:
anyone got some tips on the initial 2 files? I know you have to analysze one, but one seems locked and one segfaults while analysis…

check if you get it properly. check the size on the *** server and yours.

i got it using nemo file manager insted of classic way. with *** they were corrupted.

I’ve got some information from the initial files, including a password, but unsure where to use it. Any hints?