Am i missing something crucial? i am still struggling to get user even though i have shell for a while, this machine doesn’t really feel like 20 points.
Nevermind, i found what i was missing.
Hint for initial credentials: After looking throught thousands of m****e files, i wouldn’t ever imagine myself finding it where it was.
Hint for user: To have an easier time with priv escs, create a file called my_privesc, and write a todo list on it. Do the steps sequentially, so you dont miss anything.
Hi, could I PM someone about the initial logon. Got the user and the password -1 but tried to apply custom dictionary to use on the form with hydra and burp with the amended possibilities. changed the failed response to mirror the form I either find 16 possibilities or none, the occassional red herring, I’m stumped, even changed for the varying case for username and possible typo for password… many thanks
Edited: thank you to those who responded +1, onto user now
Hi mates, I got the credentials, but i have problems during the logging, i am continuously being disconnected, does anyone have the same problem? i cannot maintain the session open!!
Could some one please help me out with the initial credentials, I must be missing something obvious. I don’t think I can bring my self to trawl through the dirbuster and skipfish outputs again…
@numbfrank said:
Could some one please help me out with the initial credentials, I must be missing something obvious. I don’t think I can bring my self to trawl through the dirbuster and skipfish outputs again…
@numbfrank said:
Could some one please help me out with the initial credentials, I must be missing something obvious. I don’t think I can bring my self to trawl through the dirbuster and skipfish outputs again…
still can’t figure out the password. what’s that last character? is brute-forcing really is the way to do this? tried all the clues i have found near the error…
While creating the box I was thinking whether to make the box realistic or original. So yes, I’m aware that the the way of finding the first password is highly unrealistic. But nonetheless, I hope people will learn something new.
After some enumeration and finding nothing useful, i came to get a nudge. It seems this is one machine to skip, because i prefer technical attack vectors that are at least close to “real world” situations. The moment i read that some guys are reading 2000+ files to find something hidden somewhere just putting me off instantly. I not blame the creator but it is just my 2cents.
@Warlord711 said:
After some enumeration and finding nothing useful, i came to get a nudge. It seems this is one machine to skip, because i prefer technical attack vectors that are at least close to “real world” situations. The moment i read that some guys are reading 2000+ files to find something hidden somewhere just putting me off instantly. I not blame the creator but it is just my 2cents.
These guys failed in first step of enumeration and jumped directly to step 3 or later. Because of that, they are missing step 2.
Many others failed in using tools properly. Don´t be skid bashing commands and try to understand what is your target, why some things are happening and why you see what you see.
@Warlord711 said:
After some enumeration and finding nothing useful, i came to get a nudge. It seems this is one machine to skip, because i prefer technical attack vectors that are at least close to “real world” situations. The moment i read that some guys are reading 2000+ files to find something hidden somewhere just putting me off instantly. I not blame the creator but it is just my 2cents.
These guys failed in first step of enumeration and jumped directly to step 3 or later. Because of that, they are missing step 2.
Many others failed in using tools properly. Don´t be skid bashing commands and try to understand what is your target, why some things are happening and why you see what you see.
Yea thats true.
I think if you look at what you see, you find the first hint very quick. Filesize is too small, maybe he should have picked another filename to make it more pointing out.
Awesome box. I definitely learned a couple things. I dont think the initial part was too bad. Certain tools will pick it up and point it out if you look through the output. There are enough hints in this thread at this pount that no one should be digging through 2000 files…
@FNGCrysis said:
Thanks @opt1kz !
R00ted… had a ■■■■ of a time with priv esc by making assumptions.
any hints for root?
You know something odd is happening. The thing causing can be found by searching for something that would cause it, perhaps even the name of what is going on is a dead giveaway. When you see it, take a look at everything that is happening.
Replicate it on your local machine and you will realize what you actually need to do. When you get to this point, it is extremely important to understand what it is capable of doing.
PS: When you apply for a job, do you reference your own family members or do you list someone outside of your present home? We all do things differently, but one option is considered to be the better answer from a professional perspective
Ok, after all - nice way to get root.txt - i did not try to get root shell, anyone managed ? I was just after the flag and reverted the machine for others to have fun
@Warlord711 said:
Ok, after all - nice way to get root.txt - i did not try to get root shell, anyone managed ? I was just after the flag and reverted the machine for others to have fun
Yes root shell is possible, probably using similar method to that you used to get root.txt