Zipper

@r3no said:
EDIT: someone was claiming that root is possible without getting user. I would love to learn how can that be accomplished if anyone was able to really do this.

I am late to the game but: the same privesc that works for the user to root works for the initial z**x shell as well.

@supercop89 said:
Anybody knows why the login isn’t possible anymore? i tried the enumerated user but every time “Login name or password is incorrect.” is shown. The same situation after box reset :confused:

No “gui access is disabled” or other stuff :disappointed:

Is there only the exploit possible?

you’re on the right way just find a way to get in. I am in but I am still looking where to put my shell or reuse some shell. I found script but I forgot where I found it someone has enabled the admin gui access that time lol

This is a good excercise for your hand and your hair for beginners like me. :slight_smile:

Hope this is not a spoiler for those stuck at the “GUI ACCESS DISABLED”, if admin login doesnt work after reset its because someone gave you a free pass by enabling GUI access to zapper for changed admin password…If you can’t guess the password for admin…there is a hint in “GUI ACCESS DISABLED” if GUI is disabled, what could be enable? Maybe CLI…

@inspek said:
Hope this is not a spoiler for those stuck at the “GUI ACCESS DISABLED”, if admin login doesnt work after reset its because someone gave you a free pass by enabling GUI access to zapper for changed admin password…If you can’t guess the password for admin…there is a hint in “GUI ACCESS DISABLED” if GUI is disabled, what could be enable? Maybe CLI…

Thanks for your help. WTF there was a username typo error when i made the login :/. The day before i used the correct user. Therefore it was not possible to get the “GUI Access message” :wink:

Anybode can help me which tool i can use to connect to the zabbix agent? zabbix sender?

@32x0LF said:

@supercop89 said:
Anybody knows why the login isn’t possible anymore? i tried the enumerated user but every time “Login name or password is incorrect.” is shown. The same situation after box reset :confused:

No “gui access is disabled” or other stuff :disappointed:

Is there only the exploit possible?

you’re on the right way just find a way to get in. I am in but I am still looking where to put my shell or reuse some shell. I found script but I forgot where I found it someone has enabled the admin gui access that time lol

Thanks for your fast help. I know the port for the right way but don’t know which tool i have to use for the connection. Zabber is new for me and i don’t know if there is a default client for zabber in kali available.

Rooted but not quite clear how the privesc is working. I know what to do but would like some explanation. Can anyone pm me so I can ask a few questions how the privesc in this box is actually working?

I managed to create a user with GUI access, had got a stable reverse shell and proper hostname. IDK when I try to cat user.txt it gives permission error. When I try to use the new user in that exploit but it does not give me access while the old username and pwd only works. Any nudge/help. I am stuck.

Rooted :smile: This was a good box. Getting user was interesting and struggle for maintaining the shell is real.
Pm for hints if needed. :innocent:

Figuring out how to wire up the Za**i* software to give me a reverse shell is PISSING ME OFF lol. I’ve had a few reverse shells that randomly spawn, but I’m having trouble figuring out what exactly is triggering them

I got reverse Shell, but when i checked eth0 has IP 172.x.x.x not 10.10.10.109, am i lost? Need nudge

Fun box. Rooted, but didn’t get the z****r user first… I’m curious about the other ways to get in. PM me if ya wanna trade notes.

Hi, could someone please PM about how to get a proper TTY. Thanks!

This was the first box I got root without user first. I wonder if that’s by intention.
For those struggling with with stable rev shell: Play with the zabbix GUI after creating an own user. There’s more than bash or nc.

Spoiler Removed - egre55

Hmm why all version python is not working for get a stabile shell …not just this method dont work :angry:

@T3jv1l said:
Hmm why all version python is not working for get a stabile shell …not just this method dont work :angry:

Use /us*/bn/pth*n3

Got user flag, fighting for privesc, i wonder some body can give me nudge

@Underworld said:
Figuring out how to wire up the Za**i* software to give me a reverse shell is PISSING ME OFF lol. I’ve had a few reverse shells that randomly spawn, but I’m having trouble figuring out what exactly is triggering them

You should find out how to appear report , poke around in the web page you Will find some thing interesting

Got past there, now onto ROOT!