Zipper

@alrightalright said:
On foothold:
Does anyone else get a positive hit on hydra but the login doesnt work? Ive never seen this before :confused: sorry if stupid question

not a stupid question but was asked already multiple times :slight_smile:
I won’t hand it to you, sorry - go back in this topic and you will find it

@sajkox said:

@alrightalright said:
On foothold:
Does anyone else get a positive hit on hydra but the login doesnt work? Ive never seen this before :confused: sorry if stupid question

not a stupid question but was asked already multiple times :slight_smile:
I won’t hand it to you, sorry - go back in this topic and you will find it

Right hahah, seeing now that hydra isnt the way to go. Ill guess some

Not what i meant though. I myself used hydra but it’s not required. I found same thing u did it’s a progress and useful info. Read further…

Got the reverse shell. But not able to navigate to home or any folders. So any hints here appreciated. Thanks

@sesha569 said:
Got the reverse shell. But not able to navigate to home or any folders. So any hints here appreciated. Thanks

What user are you? As mentioned in this thread - the right place and user can see home folder. If you can’t - you are in the wrong place. Zabbix is quite specific…

i’m able to execute code both on server and agent, but unable to got a stable rev shell, due to timeout…
found also a my**l credential, but unable to login on the db from server…

any help?

Got this box, user can be a bit annoying (read the object doc), root is pretty easy! Thanks a lot to @Baikuya and @whipped for their help!

Root is easy… if you know the right technique. I didn’t - but looks like it is a handy one!!

Thanks to @J0rdan @samsepi0l and @dReadB0t138 for chat and working on this with me. Great box to learn a lot. And to learn how to learn…

Got root before user…

Those saying to just grab the key to get stable shell… at least in my case you’re not the right user to get the keys… so getting root was easier.

Lost a lot of time on initial foothold and I can’t say I learned anything new on that part. Remove if you consider this a spoiler. The hint regarding “a typo in a word while logged as Guest” refers to an unusual name compared to the machine’s name. You can’t miss it. Pay attention to “case sensitive” and you will know you got it right when a different message than “incorrect password” will be shown. The password for that unusual “typo” user is at simple as possible, so just guess it, no brute-force needed. Feel free to PM me for that part.

Got user. By far the best box I’ve done so far! Great work @burmat

Added script in the GUI. But not able to find the place where execute that?
any hints? thanks.

any hints to initial foothiold ?
just got my syntax for hydra right -i think , but it outputs that all passwords are correct !!

Anyone able to PM me I would be grateful. I have what looks like a successful exploit but cant find any documetation on the CLI. A point in the right direction would be appreciated :slight_smile:

I got the reverse shell but for the z****, can’t access anything. I think i am at wrong place ,
if i am on right track then please PM me. Need urgent help plzzzzzz.

@CGonzalo said:
Rooted. Thank you very much to @fjv @eRaMvn and @Baikuya

If you need help, let me know!

please pm me i need urgent help

As a newbie, getting user was pretty simple & straight forward.

Hints for initial foothold & user:

  • Enumerate as guest login, find what is happening.
  • Read system documentation, it is handy.
  • Try changing some configurations.
  • Once you got in, see what is in front of you. Is there something hidden?
  • Got user? Congratz. [ Grab a check point that a lot of people mentioned here for easy access].

For root I must admit that I suffered for days. But reading here and there, Its pretty easy.

Hints for root:

  • Do not over complicate things. [ Like I did]
  • SimplePrivEsc shall guide you.
  • Enumerate what you see.
  • Google is your best friend to learn new things.

I hope this is not much of a spoiler. although all the points are mentioned in previous posts.

Special thanks to the creator. [Root Dance is fun]

Rooted

I just wanted to post and say how much I enjoyed this box and learned some really cool vulnerabilities and exploits about the service used as well as the method of priv esc. We need more boxes like this!!

Guys Could you please Stop Resetting this box …

Hi, i enumerated correct username and password, i installed z*****-cli and i can run some commands but i can not run any scripts. Is there are a way to bypass gui access or reset admin password?

Thanks.