Vault

very cool box. thanks.

I need little bit help with g** decrypt …PM because i dont what to put spoiler here

Finally rooted.
Very nice box, thank you @nol0gz

Can anyone please PM me about root? Found a file in the vault but stuck working out what to do with it

@Waffles943 said:
Can anyone please PM me about root? Found a file in the vault but stuck working out what to do with it

Don’t recognize that file extension, huh? Maybe you should google it and learn about what it is and how to use it :wink:

i already have the user flag … i am now d*** in 192****4 … struggling for root … any hints on root will be appreciated :slight_smile:

@achayan said:
i already have the user flag … i am now d*** in 192****4 … struggling for root … any hints on root will be appreciated :slight_smile:

look into log files, maybe hint is there

I’m root in x.x.x.4. Stucked in a hole… I discovered an IP with no services listening.

how to move from dave to vault, need hint

Rooted. I enjoyed this box en learned new things again. I really like the multiple server ones. To bad this one has a step that can be a fair bit harder if you have multiple people trying to hack it.

Anyway, for all the people asking for hints, everything needed has been said in this topic.

I’ve just rooted the box and I am a bit confused. Most of the people found the rooting hard-ish and I actually found it even a bit easy (for sure way easier than user flag). I am wondering if I rooted the box in the right way or in an unintended way, could anyone send me a PM to discuss the rooting? Thanks!

@0xd1360b said:
I’ve just rooted the box and I am a bit confused. Most of the people found the rooting hard-ish and I actually found it even a bit easy (for sure way easier than user flag). I am wondering if I rooted the box in the right way or in an unintended way, could anyone send me a PM to discuss the rooting? Thanks!

Yeah PM me, I’m curious how you did it

It was kind of nice to have something discovered so early be so important so late. That was tough, but I’m glad I did it.

Just FYI the poison hint is only for tunneling…

I had to use proxychains to get it to work on mine

Ah sorry I must’ve misunderstood where you were at. The proxychains ssh port forward was used on my own box to open up access to a certain service accessible via local web browser. Not sure if the proxy part is actually required, but it worked for me.

Errr…I’m feeling a bit surprised about the location of the user flag. I was plotting my next step in what I believed to be a much longer game when I sort of stumbled on it.

Regardless, nice box and which taught me a thing or two about a particular method of digging deeper. Thanks!

Spoiler Removed - egre55

Neat box. As a general hint, the admin of these machines has a TERRIBLE memory and writes everything down.

Also, you can do the entire maneuver using resources on the boxes. You can tunnel if you want to but there are ways around it. For root, check out the logs to give you an idea of the trick to use to get SSH into doing something it doesn’t normally.

There are approximately six concepts to understand for this machine, making it more complex than most machines.