Zipper

got root!!! :slight_smile:
really cool box… i learned a really lot from it…
root is really easier than user…
pm me for hint.

Could someone send me a nudge on what to do after getting a stable shell? Can’t see user.txt and know I need to go somewhere else but no idea what to do…

Edit: got user, on to root!

Hi. I’ve got a reverse shell on Zipper. Can anybody PM me how to get user z*****? I got stuckkkk…:S

@sk41 said:
Hi. I’ve got a reverse shell on Zipper. Can anybody PM me how to get user z*****? I got stuckkkk…:S

I’m in the same boat. Got some mysql credentials but I guess that’s just a dead end. Could someone send me a nudge?

Hi Guys, I am stuck in the initial foothold. I see there is a default apache page in port 80. Tried enumearting with gobust but no luck.

Am i in right path. Any hint.?

@cater1257 said:
Hi Guys, I am stuck in the initial foothold. I see there is a default apache page in port 80. Tried enumearting with gobust but no luck.

Am i in right path. Any hint.?

What else did you get from your port scan? Maybe you will find more info doing a full port scan.

Here is a very useful tip so you don’t waste your time waiting for nmap:

There is port 10*** but cannot connect to it either.

Got shell to the right server but can’t su to z****r because the password is not correct. Is it the same as the web service or is it different?

Got user and root here. Machine user was annoying. Nothing new learnt from here, maybe i learnt how to read beacuse of that documentation… On the countrary root was an interesting part where i learnt a lot. Not a bad machine at all.

Anyone so kind that will help me please??? I’m in stuck on initial foothold, I’ve found some stuff but still no credentials.
Please PM me.

How to get a stable shell on z*****. once i connect it throws me out of it. any problem with it

Wow! Rooted, without user. Learn a new thing, thank you for this experience!! :slight_smile:

Completed this machine if anyone need help feel free to pm :slight_smile:

if u spend more then 30 min to get root …i’m sure u will slap u’r face when u find-out :slight_smile: just like i did …nice box thanks

So I have a stable reverse shell - In the wrong place. I have API access through 3**37 and GUI access with super user privs… Can create and run scripts, but I can’t get the frickin things to execute in the right place. Any advice a depressing friday night like this? I reckon there is an issue with the h****d, but no matter how I fiddle, the outcome seem to be the same. =)

Hi, i have found an interesting s***pt related to priv. esc. I have followed what it does but i can’t read any file. What should be done?

I know how to execute what i want over the J*** A**, but i cannot for the love of god find this spelling mistake everyone is talking about, that “gave up” the admin user creds.

nvm

Finally rooted. Lesson of the day is not to try and exploit a non-reverted machine. Creds to @burmat for this box - I really, really enjoyed it!

Stuck? Feel free to PM for vague nudges. =)

Initial foothold was the hardest part of this machine.
User took a while, but I tried something really basic and it worked. I was overthinking.

Whilst trying to get user I found the root privesc way, I just couldn’t do it. But then it took only a couple of minutes at most.

Great machine overall!

Initial Foothold:
No bruteforce. Think smart. Take what you can with what you have. Something may look similar or like a typo, but it’s not.

User:
There’s something unusual running around. Check what it does, how it works, you may find useful information on your quest

Root:
There’s really only one place that hints you about anything to do with root. Think smart about the possibilities that you have in hands. You may need to really understand the User step.

If there are any spoilers please PM me and I’ll quickly remove it. Thanks!