Got root.txt, but I have no idea on privesc. Any help appreciated
Finally got the root.txt, but I think I did it the hardest way possible using the āw*tchā cmd, Iām a little embarrassed I still cant get the underlying command to output to where I want it to . I know 100% itās syntactical but wouldnāt mind a little nudge on how to fully hijack this functionaly.
I wrapped the whole string, parts of the string with different quotes ā¦used the bash operator, built in operator, piped input ā¦put it before and after the targetā¦ just couldnāt get it to work. it kept breaking the actual function or disregarding my commands
I had no difficulty with user.txt, I got root.txt, no privesc, but concept was difficult for me as a beginner. Thank You @L4mpje
Okay, Iām struggling. I managed to find user.txt but couldnāt download or read it. I found p*******_b***** but I donāt know what to do with it. And then the entry point that I was using was closed. I have seen that I can use c*** to upload a payload but I canāt seem to get it to work. Any help, hint, etc. would be great. Please PM with any suggestions.
cant upload the shell in sites what im gonna doo? help me please
@nathacks said:
cant upload the shell in sites what im gonna doo? help me please
Tell us what you did and we are gonna tell you what you did wrong.
EDIT: thanks to @YellowBanana for the help!
.
@JKryten said:
Okay, Iām struggling. I managed to find user.txt but couldnāt download or read it. I found p*******_b***** but I donāt know what to do with it. And then the entry point that I was using was closed. I have seen that I can use c*** to upload a payload but I canāt seem to get it to work. Any help, hint, etc. would be great. Please PM with any suggestions.
Soooo, any suggestions? The upload link that someone placed on the homepage is no longer there and I cannot figure out to get c*** to work. Anyone, anyone? Bueller?
@JKryten said:
@JKryten said:
Okay, Iām struggling. I managed to find user.txt but couldnāt download or read it. I found p*******_b***** but I donāt know what to do with it. And then the entry point that I was using was closed. I have seen that I can use c*** to upload a payload but I canāt seem to get it to work. Any help, hint, etc. would be great. Please PM with any suggestions.Soooo, any suggestions? The upload link that someone placed on the homepage is no longer there and I cannot figure out to get c*** to work. Anyone, anyone? Bueller?
Well you can play with the p*******_b***** file that you found in the server as first hint. You cannot open the user.txt because you are not an actual user of the machine, you are logged in as a āserviceā. If you manage to crack the file that you said then you will know what to do.
@0racle said:
@0racle said:
guys ! may i take hint for root? i got user.txt but cant handle root.guys?
You have to find a folder and dig in it.
Is someone able to PM me for hint on root? I have gone through the forum, Iāve identified what I believe is the āprocessā that is running, I have tried a few things but Iām a bit lostā¦
Edit: NVM got it, only got root.txt donāt really see how people are getting shell from thisā¦
If anyone is willing to tell me could they PM how they managed to get shell? Out of curiosity
Well, at this point, I donāt actually know what to do with p*******_b*****. Some have mentioned ācrackingā it, others have mentioned it being a compressed format. It looks like hashes and it may have something to do with s** but I havenāt been able to figure it out yet. I have been at this for far too long and I havenāt even gotten user yet.
I am already done with user and root, but i cant understand how i can properly catch what process using/launching file in directory and with what options. Any solutions? I tried lsof, but it is not proper tool i think. Please answer here or PM me.
@JKryten said:
Well, at this point, I donāt actually know what to do with p*******_b*****. Some have mentioned ācrackingā it, others have mentioned it being a compressed format. It looks like hashes and it may have something to do with s** but I havenāt been able to figure it out yet. I have been at this for far too long and I havenāt even gotten user yet.
Itās actually both. Itās a compressed format file with a little āpuzzleā that you have to ācrackā.
I just got root and am wondering how people got shell. I have an idea but if anyone wants to chat let me know.
@0racle said:
@0racle said:
guys ! may i take hint for root? i got user.txt but cant handle root.guys?
What have you got so far? Feel Free to PM me.
Well It was a bit dificult but
getting the root flag wasnāt hard at all.
except dealing with the fact that the box kept getting reset every 5 minutes.
Talk to yāall later!
hello,
i need help about the file to found. I get the u***.txt but i donāt have access to it. Could you help me please.