Hint for Waldo

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

It’s telling you that the key file shouldn’t be accessible to others, 777 gives it more perms :confused:

@Derezzed said:

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

It’s telling you that the key file shouldn’t be accessible to others, 777 gives it more perms :confused:

yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help

@Makarios said:

@Derezzed said:

@Makarios said:

@Derezzed said:

@Makarios said:
Im suck and not sure what is wrong. I got the m****** file and put it though sed to strip out everything bad, but then I try to ssh n****y@10.10.10.87 and I am getting “Permissions 0644 for ‘********.key’ are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.”

Can anyone give me a hint as to where I have gone wrong?

That error tells you exactly what the issue is, just chmod to the right perms

I did try to chmod 777 it, but It comes up with the same resluts. Only difference is it says “Permissions 0777” instead of “Permissions 0644”

It’s telling you that the key file shouldn’t be accessible to others, 777 gives it more perms :confused:

yeah, i got it now. Its late and im idiot. i went the wrong way, thank you for your help

Haha, no worries.

Finally managed to get the user.txt on n***** user. really struggling with root. Any suggestions?

blocked by the enumeration… any hint ?

There’s an imba file in the host. Exhaust all means to enumerate.

Rooted. All the methods used are really simple, though in the privesc i required some hints in order to proceed also a google search proved to be useful , and root was about a matter of seconds, a very well made box, kudos !!

Stuck on root… I’ve broken out of the rbash using r**d but am not finding a way to read root. Could someone PM me a hint…? :slight_smile: Thanks in advance

Learnt something new in the PrivEsc - uncertain as to whether I enjoyed it, but I certainly learnt something new and important.

Got user and root after a few days of playing with the box and a lot of trial and error. A great learning exercise. On to the next box.

hi there, i am new and in need of a hint…been stuck on simple dir…tra… techniques and i think i am overlooking something or have a string/command error and cant figure it out?! anyone wants to give me a clue via PM ? i have a feeling that i am on the right path but hitting a wall for now… ps.: i am able to read/write lists, add data to them, see the html/localhost folder, but not able to access them…also tried different URI decodings etc…i am pretty new on website attacks as well :smiley: thx alot!!

@dReadB0t138 said:
hi there, i am new and in need of a hint…been stuck on simple dir…tra… techniques and i think i am overlooking something or have a string/command error and cant figure it out?! anyone wants to give me a clue via PM ? i have a feeling that i am on the right path but hitting a wall for now… ps.: i am able to read/write lists, add data to them, see the html/localhost folder, but not able to access them…also tried different URI decodings etc…i am pretty new on website attacks as well :smiley: thx alot!!

have you tried reading the php files using the other php file?

hint: it’s not about decoding. :slight_smile: it’s about repeating something…

g0t r00t…
drop me a message If you need help :slight_smile:

had to edit the file manually. :slight_smile:

can anyone pm me for priv esc hints
Thank you

for someone struggling with user - let’s say ‘12123434’ escaped from ‘1234’ will look like ‘1234’

Can someone PM me with a hint for PHP? I thought I was doing it right, but I can’t get it working.
Thanks

Finaly got root flag for waldo. Interested way to do privilege escalation. I learned alot of this box.

Got root flag. Thanks to @marvin7408 for the hint to get me over the finish line. PM me if you need hints.

Write-up en español: