Reddish - Hints and Tips

Rooted. Amazing box. Tons of fun. Learned a few things, which is always nice, so the headaches were worth it.

i dont know why some pentestshii****t are stoping the containers let us finish this box the way is very long
plz stop this its not profesionnel we are here to learn and sharing our skill no to play like childreen

any help or hints on the machine would be apreciated im stuck on first container

@x00byte said:
any help or hints on the machine would be apreciated im stuck on first container

You need to ‘look around’ to find and enumerate other hosts, so e.g. need to upload your tools for network enumeration or use a scripting language available on the box.

Got the shell in first container …Any hints for next one??

Any hint for second container i find some jobs but cant find the method to edit the file and bring my “bash”.

Edit:Got root.
This was by far the best machine i hve done so far learn a ton on this amazing!!!

I couldn’t find any url, i enumerate using d*irb, gobu, with wordlists. give me an hint

Got shell on the second container as ww******, is there a chance to privesc here ? Or that’s just a dead end ? I have tons of information, about the others containers… What they have, and how they interact with me… Got the network diagram and the files flow on my paper, the non-readable user.txt … But still stuck… Im missing something ??
Many thanks ! :smiley:

Edit:

Got Root ! What a long journey … Many thanks to everyone who helps me without any spoiler !
Every point its a new recon, take a piece of paper, write down all the networks, the interacts and the file flow… At least, for me, that helps me a lot:D

Cheers !! :smiley:

@Rayvenhawk said:
So I decided to give this one a go and I’m coming up with 0 ports on this box with my scan, I’d normally reset the box but after reading everyones frustration with people doing that all the time I’m wanting to make sure if I’m supposed to normally see open ports or if that is part of the challenge.

you sure you’re scanning all ports?

Anyone also receiving the error ’ Error: Connection reset by peer’ when attempting to
connect to redis ?

found the n**e-r*d webapp, the endpoints look similar to box:frolic, yet different
can’t seem to login … help?

got the .?!, now stuck on the second string any help?

someone help me with the root?

I’m absolutely lost with getting root.txt. I’ve got root (or at least I think I do) shell on the b***** docker, but found nothing that indicated where I should be going next. Any tips?

Hello guys, I am in the first container but having difficulties downloading files to it, any hints on how to do it. p*** script which is working on my attacker box is now giving me errors in the container

Late to the game but I must say: this box really rocks! Thanks @yuntao

I used perl reserve shell one liner and got the shell which is root, but I am not able to find the root.txt. Any hints please.

Am I doing wrong?

I’m in the second container with a limited shell… I can see user.txt, but cannot read it… I’m enumerating loads of things… but I’ve been stuck for hours. Can anyone drop me a line with a hint?

I cant find the initial Webapp. Someone can give me a hint?

Edit: Neverming, got it.

This box is close to breaking me. I think I like it but I am frustrated at how little progress I am making.