Curling

Got root.txt, but I have no idea on privesc. Any help appreciated

Finally got the root.txt, but I think I did it the hardest way possible using the ā€œw*tchā€ cmd, Iā€™m a little embarrassed I still cant get the underlying command to output to where I want it to . I know 100% itā€™s syntactical but wouldnā€™t mind a little nudge on how to fully hijack this functionaly.

I wrapped the whole string, parts of the string with different quotes ā€¦used the bash operator, built in operator, piped input ā€¦put it before and after the targetā€¦ just couldnā€™t get it to work. it kept breaking the actual function or disregarding my commands

I had no difficulty with user.txt, I got root.txt, no privesc, but concept was difficult for me as a beginner. Thank You @L4mpje

Okay, Iā€™m struggling. I managed to find user.txt but couldnā€™t download or read it. I found p*******_b***** but I donā€™t know what to do with it. And then the entry point that I was using was closed. I have seen that I can use c*** to upload a payload but I canā€™t seem to get it to work. Any help, hint, etc. would be great. Please PM with any suggestions.

cant upload the shell in sites what im gonna doo? help me please :smiley:

@nathacks said:
cant upload the shell in sites what im gonna doo? help me please :smiley:

Tell us what you did and we are gonna tell you what you did wrong.

EDIT: thanks to @YellowBanana for the help!

.

@JKryten said:
Okay, Iā€™m struggling. I managed to find user.txt but couldnā€™t download or read it. I found p*******_b***** but I donā€™t know what to do with it. And then the entry point that I was using was closed. I have seen that I can use c*** to upload a payload but I canā€™t seem to get it to work. Any help, hint, etc. would be great. Please PM with any suggestions.

Soooo, any suggestions? The upload link that someone placed on the homepage is no longer there and I cannot figure out to get c*** to work. Anyone, anyone? Bueller?

@0racle said:
guys ! may i take hint for root? i got user.txt but cant handle root.

guys?

@JKryten said:

@JKryten said:
Okay, Iā€™m struggling. I managed to find user.txt but couldnā€™t download or read it. I found p*******_b***** but I donā€™t know what to do with it. And then the entry point that I was using was closed. I have seen that I can use c*** to upload a payload but I canā€™t seem to get it to work. Any help, hint, etc. would be great. Please PM with any suggestions.

Soooo, any suggestions? The upload link that someone placed on the homepage is no longer there and I cannot figure out to get c*** to work. Anyone, anyone? Bueller?

Well you can play with the p*******_b***** file that you found in the server as first hint. You cannot open the user.txt because you are not an actual user of the machine, you are logged in as a ā€œserviceā€. If you manage to crack the file that you said then you will know what to do. :slight_smile:

@0racle said:

@0racle said:
guys ! may i take hint for root? i got user.txt but cant handle root.

guys?

You have to find a folder and dig in it. :slight_smile:

Is someone able to PM me for hint on root? I have gone through the forum, Iā€™ve identified what I believe is the ā€œprocessā€ that is running, I have tried a few things but Iā€™m a bit lostā€¦

Edit: NVM got it, only got root.txt donā€™t really see how people are getting shell from thisā€¦
If anyone is willing to tell me could they PM how they managed to get shell? Out of curiosity

Well, at this point, I donā€™t actually know what to do with p*******_b*****. Some have mentioned ā€œcrackingā€ it, others have mentioned it being a compressed format. It looks like hashes and it may have something to do with s** but I havenā€™t been able to figure it out yet. I have been at this for far too long and I havenā€™t even gotten user yet.

I am already done with user and root, but i cant understand how i can properly catch what process using/launching file in directory and with what options. Any solutions? I tried lsof, but it is not proper tool i think. Please answer here or PM me.

@JKryten said:
Well, at this point, I donā€™t actually know what to do with p*******_b*****. Some have mentioned ā€œcrackingā€ it, others have mentioned it being a compressed format. It looks like hashes and it may have something to do with s** but I havenā€™t been able to figure it out yet. I have been at this for far too long and I havenā€™t even gotten user yet.

Itā€™s actually both. Itā€™s a compressed format file with a little ā€œpuzzleā€ that you have to ā€œcrackā€.

I just got root and am wondering how people got shell. I have an idea but if anyone wants to chat let me know.

@0racle said:

@0racle said:
guys ! may i take hint for root? i got user.txt but cant handle root.

guys?

What have you got so far? Feel Free to PM me.

Well It was a bit dificult but
getting the root flag wasnā€™t hard at all.
except dealing with the fact that the box kept getting reset every 5 minutes.
Talk to yā€™all later!

hello,
i need help about the file to found. I get the u***.txt but i donā€™t have access to it. Could you help me please.