Hint for Waldo

Got root :slight_smile: Thnx @Clmtn for mentoring…
Nice box…

Rooted this box last week, very fun one to do! Requires plenty of research and i learned some new things in the process. :slight_smile: If anyone needs some hints, feel free to message me, i don’t spoil anything, i just nudge you in the right direction.

Going through the thread absolutely helped, finally got root.

  • The user part was where I spent most of the time, problem was using the wrong file. The commands about cleaning the retrieved file in vim were solid.

  • I used this for the last part, was also posted in the thread.
    An Interesting Privilege Escalation vector (getcap/setcap) - NXNJZ

  • Just remember to look for the files, because of path!!

Happy to help anyone who needs a nudge :smile:

ikuamike

rooted months ago, anyone interested in talking about alternative hacking ways ? Cheers

Rooted at last. Pop me a shout if you need a hand

Has anyone got root shell yet? Got the flag and am messing around with that.

I found the link below much more helpful for escaping jail

Got root flag.

Took my a little while to get the initial foothold, missed a simply step to go from N to M.

Then while breaking out I made a dumb error and didn’t set the right P***… Then, spend ages looking at the files at hand, instead of what everyone recommended me here to do in order to become a capable hacker.

Overall quite a fun box and a nice new topic learnt.

removed

Got root, but I’m a little puzzled by something re: SSH. PM me if you’d like to discuss.

Just rooted. A very nice final part that explores a non usual priv escalation method.

I am stuck on the directory traversal. I been looking through the .js and can’t figure it out. Any hints would be appreciated.

Nevermind. Was over thinking it :expressionless:

Rooted :slight_smile:
But just read root flag… Can’t get a root shell :worried:
Is it possible? crack shadow? root private key? anything else?

thx :slight_smile:

Finally got root!
Took me a few days, but i got it! :slight_smile:

This forum gave me a lot of hints, so thanks everyone for sharing your ideas!

Finally rooted this one.

Seems like a fairly troll-y box with a very unique way to get the root flag.

nvm.

done and done if your having issues with formatting check this thread out and look for a post about using sed to clean up what you have and don’t give up

I have managed to get the user flag. I am now on root. I did some JB*****K and basic unumeration. I have a feeling that the JB*****K won’t help. I did more but I can’t go into details because of spoiler.
I am stuck and I won’t give up. Can some send me PM with a small hint?

Hey everyone looking for a nudge in the right direction re: initial foothold. I know whats happening, know what Im supposed to do, think my php just needs a little tweak. PM if you’re willing to give me a small hint :slight_smile:

This one is driving me mad to get the foothold

@lmalvo83 said:
This one is driving me mad to get the foothold

Check what you initially find out about the box there’s something that will gain your initial foothold in the box if you need help PM me

Anyone got any ideas? Been playing with RESTClient to try read directories or files using fd.php and dd.php but its returning false on whatever I throw at it. Any ideas? The background image requires a passphrase to extract st**** data from it.