Hint for Waldo

Got root, but I’m a little puzzled by something re: SSH. PM me if you’d like to discuss.

Just rooted. A very nice final part that explores a non usual priv escalation method.

I am stuck on the directory traversal. I been looking through the .js and can’t figure it out. Any hints would be appreciated.

Nevermind. Was over thinking it :expressionless:

Rooted :slight_smile:
But just read root flag… Can’t get a root shell :worried:
Is it possible? crack shadow? root private key? anything else?

thx :slight_smile:

Finally got root!
Took me a few days, but i got it! :slight_smile:

This forum gave me a lot of hints, so thanks everyone for sharing your ideas!

Finally rooted this one.

Seems like a fairly troll-y box with a very unique way to get the root flag.

nvm.

done and done if your having issues with formatting check this thread out and look for a post about using sed to clean up what you have and don’t give up

I have managed to get the user flag. I am now on root. I did some JB*****K and basic unumeration. I have a feeling that the JB*****K won’t help. I did more but I can’t go into details because of spoiler.
I am stuck and I won’t give up. Can some send me PM with a small hint?

Hey everyone looking for a nudge in the right direction re: initial foothold. I know whats happening, know what Im supposed to do, think my php just needs a little tweak. PM if you’re willing to give me a small hint :slight_smile:

This one is driving me mad to get the foothold

@lmalvo83 said:
This one is driving me mad to get the foothold

Check what you initially find out about the box there’s something that will gain your initial foothold in the box if you need help PM me

Anyone got any ideas? Been playing with RESTClient to try read directories or files using fd.php and dd.php but its returning false on whatever I throw at it. Any ideas? The background image requires a passphrase to extract st**** data from it.

Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

http://bfy.tw/LHwW

:bleep_bloop:

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

It’s telling you that the key file shouldn’t be accessible to others, 777 gives it more perms :confused:

@Derezzed said:

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

It’s telling you that the key file shouldn’t be accessible to others, 777 gives it more perms :confused:

yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help

@Makarios said:

@Derezzed said:

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

It’s telling you that the key file shouldn’t be accessible to others, 777 gives it more perms :confused:

yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help

Haha, no worries.

Finally managed to get the user.txt on n***** user. really struggling with root. Any suggestions?