Lightweight

AT LAST USER!!! I had it since the begining but I didn’t look close.
Now going for root.

Hi, please, I need some help getting user, I have tried a great deal of things, can someone PM me please, thanks

think i have user not sure, can somone pm? appreciated!

oof i’ve got user, but i’m like 99.74% sure i didn’t do it right :confused:
can someone else DM me about it? i’m pretty sure i’m missing something

Rooted!

Thanks mates for the help in the user part. Lesson learned. D:

Root part is straightforward, just follow the @fjv tips in this thread. :+1:

PM if you are stuck! :slight_smile:

Anyone got any hint on how to circumvent the websites banning system? Thoroughly stuck…

@Center said:
Anyone got any hint on how to circumvent the websites banning system? Thoroughly stuck…

time waiting

@Center said:
Anyone got any hint on how to circumvent the websites banning system? Thoroughly stuck…

As you can see browsing to port 80, you already have the answer to your question:

"This server is protected against some kinds of threats, for instance, bruteforcing. If you try to bruteforce some of the exposed services you may be banned up to 5 minutes.

If you get banned it’s your fault, so please do not reset the box and let other people do their work while you think a different approach."

That is to say: “Think a different approach.”

hi mates, i have been trying to capture the intended packets for a while, but nothing seems to be working!!! can someone who already did it, give it a try to check if it is working?

@Center you can bypass the banning, but you really don’t need to.

Last part was nice :slight_smile:

@IteXss said:
hi mates, i have been trying to capture the intended packets for a while, but nothing seems to be working!!! can someone who already did it, give it a try to check if it is working?

Output it to a file and read it with another packet reading program on your local machine.

@Phrenesis2k said:

@IteXss said:
hi mates, i have been trying to capture the intended packets for a while, but nothing seems to be working!!! can someone who already did it, give it a try to check if it is working?

Output it to a file and read it with another packet reading program on your local machine.

xxd is quicker :slight_smile:

Hi everybody,

I am stuck on the lowpriv shell. Could someone PM me with hints to escalate to user?

Thanks in advance

can any one point me in the right direction. I do not see anything that sticks out. I see people are talking about capabilities but I do not see any files that would help with that. A PM with a nudge would be helpful. Maybe even a website with some information. Thank you.

@librab103 said:
can any one point me in the right direction. I do not see anything that sticks out. I see people are talking about capabilities but I do not see any files that would help with that. A PM with a nudge would be helpful. Maybe even a website with some information. Thank you.

Look a bit closer, its there, took me a while. I’ve found them, if anyone could help me exploit as never done it before would be a help.

@scottglossop said:

@librab103 said:
can any one point me in the right direction. I do not see anything that sticks out. I see people are talking about capabilities but I do not see any files that would help with that. A PM with a nudge would be helpful. Maybe even a website with some information. Thank you.

Look a bit closer, its there, took me a while. I’ve found them, if anyone could help me exploit as never done it before would be a help.

I will take another look at the box later.

Got root flag but no shell so far.
Going to look how to get root shell.
If anyone needs help feel free to PM me.

@lnx said:

@Phrenesis2k said:

@IteXss said:
hi mates, i have been trying to capture the intended packets for a while, but nothing seems to be working!!! can someone who already did it, give it a try to check if it is working?

Output it to a file and read it with another packet reading program on your local machine.

xxd is quicker :slight_smile:

Even strings can do the job!

@korrey said:

@lnx said:

@Phrenesis2k said:

@IteXss said:
hi mates, i have been trying to capture the intended packets for a while, but nothing seems to be working!!! can someone who already did it, give it a try to check if it is working?

Output it to a file and read it with another packet reading program on your local machine.

xxd is quicker :slight_smile:

Even strings can do the job!

yes, its better :wink: