Vault

@dunnomilton said:
Please pm for direction what do to with these files…

Read them.

Then you need to find a way to use what they say, so it would be good to treat the new boxes like any other new box and enumerate. Find out what ports are open (net cat can be used as a portscanner if you cant get nmap on it) and then enumerate them.

Once you do this, you will find the thing you need to use the files you’ve found.

@evandrix said:
is the credentials to access 192.168.122.4/5 on the host 10.10.10.109?

Have you checked if you need credentials?

gobustering should always be supplemented with a custom word list (which may include only a couple of words). Cewl is there if you need it.

nvm, rooted!! happy pixie dance

Nice one!

Currently got user but im unsure where to go from there i have done some Lin enumeration but i have no idea where to go from there any assistance?

@marshy said:
Currently got user but im unsure where to go from there i have done some Lin enumeration but i have no idea where to go from there any assistance?

Are you root on your current box? If not, I’d try to get that, although I’m not sure it’s absolutely necessary. Either way, step one will be to figure out what your next target is. It’s hard to know what to do if you don’t even know where to do it. :wink:

So I’ve grabbed the root flag. Anyone actually become root on the machine named Vault? It looks possible.

@LegendarySpork said:
So I’ve grabbed the root flag. Anyone actually become root on the machine named Vault? It looks possible.

It maybe - the restricted shell escape is fairly easy, but its not clear if there is any value to this.

Oh I escaped the restricted shell, that was less than trivial, but you’re right not necessary for grabbing the root flag. I’m not actually a root user though. Did you actually escalate to root there after getting the root flag, @TazWake ? If anyone else has done it, I want to do it too … I think it’s possible but I don’t want to spend days on something that won’t work.

I never escalated to route on the Vault box. There is a fairly trivial escape if you want me to DM you.

Like I said, I escaped probably a second after getting on the box. It’s trivial. Less than trivial.

very cool box. thanks.

I need little bit help with g** decrypt …PM because i dont what to put spoiler here

Finally rooted.
Very nice box, thank you @nol0gz

Can anyone please PM me about root? Found a file in the vault but stuck working out what to do with it

@Waffles943 said:
Can anyone please PM me about root? Found a file in the vault but stuck working out what to do with it

Don’t recognize that file extension, huh? Maybe you should google it and learn about what it is and how to use it :wink:

i already have the user flag … i am now d*** in 192****4 … struggling for root … any hints on root will be appreciated :slight_smile:

@achayan said:
i already have the user flag … i am now d*** in 192****4 … struggling for root … any hints on root will be appreciated :slight_smile:

look into log files, maybe hint is there

I’m root in x.x.x.4. Stucked in a hole… I discovered an IP with no services listening.