Curling

Got root.txt but still lingering thoughts/questions. My take away from this box is to not have a config file for a service running as root be writable by a non root user.

I’d like to know how people a getting a shell but I still want to figure this rather than be told
so my question is,
what service is updating the ad**-ar** files?

edit:
I tried putting in the location of shell in the same format as root and got binary as output.
Any care to explain in a pm?

@nate6268 said:
Hello, I could use a hint for root.txt. PM appreciated. TY

On the same boat… unable to understand how to leverage the a-a area files to get root.txt

stuck at p****_b***p. The magic number shows it as bz. I decompress it and it gives still hexdecimal data. FILE $FILE says its ASCII. Any nudges please

WTF ?

WARNING: Failed to daemonise. This is quite common and not fatal. Connection refused (111)

in my browser !

edit: works now

Got user, super simple, just work with what you got. :smiley: PM me if you need help. this box should be easy from what I hear.

Got user !

@fl337 said:
Got user, super simple, just work with what you got. :smiley: PM me if you need help. this box should be easy from what I hear.

after how long does the command run. checking ps every 1 min now.

Got root. I really liked this box to be honest. I know there’s a lot of talk about it being easy, and I get that the techniques used for user/root aren’t super complex, but it was still a nice little challenge.

What’s most important is that I learned a few things on this box. Very nice.

PM here or on nsf for help if needed.

Hi Guys, any hints on user and root? I have a shell, and can get into the use folder but cannot read the .txt. the other p*******_b***** file seems to not open? Checked out the file signatures etc, cant seem to find what i need to do to get it to open.

There is one post in this thread in regards to that b***** file which imo gave away exactly what you needed to do. The poster gave away some info you could google.

Could use a PM with help getting root. I see whats going on, but dont know how to modify to leverage the process writing/reading correctly. Thanks!

EDIT - nvm! ■■■■ i dont know how i overlooked how to get root.txt … now onto root shell!

You have tried to upload file that are not safe. Knowing that i whitelist the extension. Any hint please

EDIT: i got the reverse shell.

Rooted, fun machine :slight_smile:

Any hint for decompressing the file b**** i tested a lot of thing but without success. I find the extension of the file but can’t extract any information

Got root flag about a week ago, but I just HAD to get root shell. Having only been on Linux for a few weeks now, this was quite a learning experience.

Special thanks to @deviate for getting my head straight and finally getting the root shell.

Got root flag, interesting choice of a name for a box :wink: Learned a lot.

Anyone could PM me how to get the root, struggling with curl… but no result.

I am trying c*** on r**tr**t.txt but getting error Can any body let me know am I moving in right direction

Got a shell via upload, and the pass file. However have no idea what to do with it. The thread give a good clue but not really sure how use it… Any hints or PMs welcome!

UPDATE: Followed the steps from a hint in this thread, dont understand what I did, or how i did it, but I have user…

Overthinking as usual :slight_smile: