Chaos

I can’t found the credentials, is too obvious ? because i am reading all things line per line > but i don’t see anything yet.

Its way, way too obvious. Just make sure you are looking for the right credentials

@FlameOfIgnis said:

I can’t found the credentials, is too obvious ? because i am reading all things line per line > but i don’t see anything yet.

Its way, way too obvious. Just make sure you are looking for the right credentials

Thanks for your answer, i will be patient with this xD

Need a hand with the decoding of file. pm pls if anyone can help

Nope… not finding these elusive creds.

Currently trying to decode, if anyone is willing please PM me for a hint :smiley:

guys I got the creds alrdy . and now Im trying to get webmail server.

any hint would much appreciated!

Edit: Spoiler :D, Sorry guys

I’m stuck. Found w****n and creds but don’t know what to do. Please PM.

@ferreirasc said:
Hints for privesc? I’m looking for juicy information inside .mo*****…

Am I in the right path? :expressionless:


something strange happened , i got user flag and submitted it but in progress bar no changes happened. it was zero before the flag and zero after the flag. can someone explain this to me?? :slight_smile:

Rooted

Root
For me it was not so obvious or logical to get root, in fact it was something weird but in the end it makes some sense.

Clue: It seems that the user left unprotected things out there, it’s a kind of time travel with the f*x

It should be enough, but just in case, the root is focused on W*****

Rooted.

I do not know what to think of this box.

Several foolish steps and other interesting … :expressionless:

Thx guys for the directions.

Tip for privesc: The path to root is in front of you. Focus on the files that your user owns. Remember well all the passwords obtained throughout the process. They can be important in several steps.

If there is any spoiler here… feel free to edit my post :slight_smile:

can anyone PM with links that helps in understanding how to decrypt the file ??

I’m stuck. Found w****n and creds but don’t know what to do. Please PM.

Rooted…

This machine is rated easy, not because it is straightforward, but because it does not require any advanced knowledge in pen testing…

I don’t, however, think it will add much knowledge to a beginner trying to learn…

Most of the steps do not require complicated solutions, but rather looking around and eliminating potential solutions one by one until the right one is left.

If you are stuck, need a little help, or need just a nudge in the right direction, PM me and I’ll be glad to help :slight_smile:

I have mixed feelings with this box. The privesc was very straightforward and is likely something you’d see someone do in a real world scenario, but the initial foothold was just odd. PM me if you are totally stuck and need a nudge, but the hints in this thread are very helpful.

After getting user I have to agree with the majority of opinions on this thread that this is a massively CTF oriented box and at a few steps I was purely in disbelief at the approach this box took. Thanks to the few that provided me with some hints!!

When you’ve found w*****l creds, look closely at your nmap scan and think of ways to utilize the service running with a known tool.

Rooted.

Learnt a few new things from this. Thanks @sahay

Chill out guys, the box was not that bad. I actually enjoyed it. My thank to the author sahay for the box.
Some hints:

  • User: enumeration, use the information you found on one service for the other (at some point it might require some guessing, but no crazy bruteforcing required).
    Once decrypt the encrypted, RCE on the service would give you shell. Then going to user is straightforward (might need escaping/or not, I didn’t need to).
  • Root: everything you need is right in front of you. You should be able to find the thing that user saved one specific application.
    PM if you need a nudge.