Irked

Nice box - getting user was annoying - i prefer technical CTF, not steg stuff or such.

Root took me like 2 minutes - just do really really basic enumeration and check the output of unusual stuff.

Rooted the machine. Initial nmaps did not work for me so I had to reset the box before i got the information needed for initial foothold.

Pm me if you need advice.

I need help with privesc I found a pass but I do not know where I can use it and try the most common, I feel that something is happening to me

Anyone know a good alternative for linenum that will work on this box? linenum brings out too much, so the actual solution is buried pretty deep

Trying to exploit using msf, any clue what the LPORT should be?

@ALIENM0NK said:
Trying to exploit using msf, any clue what the LPORT should be?

The (L)port doesn’t really matter, metasploit uses 4444 by default. The RHOST and RPORT is something different in this case (especially RPORT)

@xdaem00n said:

@ALIENM0NK said:
Trying to exploit using msf, any clue what the LPORT should be?

The (L)port doesn’t really matter, metasploit uses 4444 by default. The RHOST and RPORT is something different in this case (especially RPORT)

I have it set, I am not using the default port I changed it, I am using Kali on VM can that be the issue?

@drywaterv2 said:
Anyone know a good alternative for linenum that will work on this box? linenum brings out too much, so the actual solution is buried pretty deep

try the enum script of https://highon.coffee

got the reverse shell and found the b***** file and know where it is from but having a hard time getting a password from this. Can anyone give me a nudge?

EDIT: Just kidding, got user and root. PM if you need some guidance

@ALIENM0NK said:

@xdaem00n said:

@ALIENM0NK said:
Trying to exploit using msf, any clue what the LPORT should be?

The (L)port doesn’t really matter, metasploit uses 4444 by default. The RHOST and RPORT is something different in this case (especially RPORT)

I have it set, I am not using the default port I changed it, I am using Kali on VM can that be the issue?

Double check your LHOST.

Hey I cant seem to get my msf exploit working. It keeps saying cant bind to the port.
Can someone PM me so I can ask some questions?

i have absolutely no clue what this b**p file is telling me, it makes zero sense to me.

@craftxbox said:
i have absolutely no clue what this b**p file is telling me, it makes zero sense to me.

in the same I am

and people are trying to dirtycow it… still.

I already think the stego is in the b*********p file asks me for the password but what I’m using tells me that it does not support the file format

@d3ku said:
Hey I cant seem to get my msf exploit working. It keeps saying cant bind to the port.
Can someone PM me so I can ask some questions?

check if your “postgresql” service is running

@Vburgos said:
I already think the stego is in the b*********p file asks me for the password but what I’m using tells me that it does not support the file format

Maybe that file is just the first piece of the puzzle and you’re missing another one, then :).

Interesting machine. First time I actually have to use s************. Although I suspect, as others, that it’s not necessary: You can get root without.

Got it! :wink:

just rooted it … pm for any hints :wink:

@AgustinCB said:

Maybe that file is just the first piece of the puzzle and you’re missing another one, then :).

Oh man… Kicking myself for not thinking of that!

Hint - Go back to what you found during your initial enumeration.

Got user. Now trying to get root.