Irked

Got it! :wink:

just rooted it … pm for any hints :wink:

@AgustinCB said:

Maybe that file is just the first piece of the puzzle and you’re missing another one, then :).

Oh man… Kicking myself for not thinking of that!

Hint - Go back to what you found during your initial enumeration.

Got user. Now trying to get root.

found the b*********p file but doesn’t make any sense. Trying to think out of the box but no luck.

@whitesails said:
found the b*********p file but doesn’t make any sense. Trying to think out of the box but no luck.

there’s a key word in that file, it’s short for a longer name, look closer

on what type of file would you use that word on… have you seen any of those around during your initial enum?

Looking at the key word but no clue…

Just got user! nice

Rooted! Getting a shell was ok with MSF, but then … the very first thing I do on a *nix box for priv-esc enum and I OVERLOOKED it COMPLETELY! Tip: Read every line of output, line-by-line, again. Easy to miss this.

@sx02089 said:
Rooted! Getting a shell was ok with MSF, but then … the very first thing I do on a *nix box for priv-esc enum and I OVERLOOKED it COMPLETELY! Tip: Read every line of output, line-by-line, again. Easy to miss this.

good on ya! Still struggling with priv esc, probably missing something from the enum as you mention…

Anybody have some time to help? I’m looking to get root. I think I’ve found something that’s not usually on Linux machines (not an easy task for me yet), but I’m worried I’m creating my own rabbit hole :).

any ideas of how to get the enumeration shell script to run, keep saying permission denied

Done! Get user flag is very cool, root flag without privilege escalation, is needed lot of patience and attention with unusual binaries. Anyone got root with privilege escalation?

@sx02089 said:
Rooted! Getting a shell was ok with MSF, but then … the very first thing I do on a *nix box for priv-esc enum and I OVERLOOKED it COMPLETELY! Tip: Read every line of output, line-by-line, again. Easy to miss this.

The same happened to me! It’s tricky because the clue looks like something standard.

@galoryber said:
Anybody have some time to help? I’m looking to get root. I think I’ve found something that’s not usually on Linux machines (not an easy task for me yet), but I’m worried I’m creating my own rabbit hole :).

If you found it, it should work right away.

@AgustinCB said:

@galoryber said:
Anybody have some time to help? I’m looking to get root. I think I’ve found something that’s not usually on Linux machines (not an easy task for me yet), but I’m worried I’m creating my own rabbit hole :).

If you found it, it should work right away.

It depends if someone else has done the dirty work for you yet or not :slight_smile:

@d3ku said:

@AgustinCB said:

@galoryber said:
Anybody have some time to help? I’m looking to get root. I think I’ve found something that’s not usually on Linux machines (not an easy task for me yet), but I’m worried I’m creating my own rabbit hole :).

If you found it, it should work right away.

It depends if someone else has done the dirty work for you yet or not :slight_smile:

Oh, interesting. Then maybe the previous user forgot to reset the machine before I got in… Sending a PM.

crack out the perm manual

Hello, I’m new to HTB. Been reading the forums, writeups, watching IppSec, trying challenges and several boxes.

Obtained user successfully, but am struggling with root. Things I’ve tried so far:

  • re-read this thread for clues
  • carefully went line by line through list of binaries (running and not) as suggested
  • tried enum scripts and read through the output multiple times
  • Googled for common enum techniques, read through several blogs, tried the suggestions
  • tried comparing box and files to typical Linux box and files
  • tried looking for the “b” and “v” files explicitly mentioned in this thread

Kind of feels like if you know it, you’ll get it, and if you don’t, you won’t.
Similar to how if you’re color blind, no matter how hard you try, you won’t be able to see the hidden numbers amongst the dots.

Not sure what to try next. Any clues as to what I’m missing here?

@OldManWinter I guess we should try harder. Same situation

ok, so far so good. Got a shell, found the b*** file. But I’m too dumb to figure out how to replace what with what. Any hints?

update: got root directly. I still have no idea how to solve the stego part…