Irked

Hi,
I got access to the box using metasploit. after that I am struggling with user/root.
I found the .b***** file . and I know it’s steg but can’t discover the right password and what to do with it.
I also know that for root I enumerate S*** file and check for the different files. I think about two files one with 1 letter and the other with 2 letters but can’t get how I can perfrom priv esc through them.
I have little experience with linux. Si, I’d appreciate any help through DMs.

@vmonem said:
Hi,
I got access to the box using metasploit. after that I am struggling with user/root.
I found the .b***** file . and I know it’s steg but can’t discover the right password and what to do with it.
I also know that for root I enumerate S*** file and check for the different files. I think about two files one with 1 letter and the other with 2 letters but can’t get how I can perfrom priv esc through them.
I have little experience with linux. Si, I’d appreciate any help through DMs.

PM me.

@Xurfcha said:

@vmonem said:
Hi,
I got access to the box using metasploit. after that I am struggling with user/root.
I found the .b***** file . and I know it’s steg but can’t discover the right password and what to do with it.
I also know that for root I enumerate S*** file and check for the different files. I think about two files one with 1 letter and the other with 2 letters but can’t get how I can perfrom priv esc through them.
I have little experience with linux. Si, I’d appreciate any help through DMs.

PM me.

I did Kindly check your messages

Rooted. Thanks to @Xurfcha / @Puru / @mannubb / @Ozeus / @Baikuya / @noobsaibo
/ @Fluxx79, I learned a lot from you guyz… Thank you so much… This is my first box and I really enjoyed it… Can you please also share me the some materials to study for doing the CTF or HTB… Please PM me… Really appreciate all your guidance…

usered & rooted.
This is my first box and I LOVED it, learned so many things.

Focused too much on using exploits when is not all what you need. Enumeration and going back to basics does the job.

I’ve tried enumerating the S*** ******* on the target vs my local, but I can’t see the thing sticking out at me. I’m starting to feel really, really blind. Anyone care to message me with a nudge to the right direction?

could someone please pm some hints on the priv esc as well same situation as above ^^

Ok it’s my frist box, I’m in with low priv. Could sameone palese pm some hits on priv esc?

Just rooted, first box. It’s a very CTF style box. Still, I enjoyed it, although a harder root would be more interesting.

Thank you @MrAgent for the box and everyone on this thread, definitely learnt a lot.

I hope my tips are more thought provoking than just ‘enumerate… enumerate’ or ‘it’s right in front of you’ or ‘try harder’ which is never going to work if you don’t know where to look. Definitely didn’t work from me.

For user, if you’re still lost, you’re missing a concept that most CTF type challenges considers important. Try to extract as much as possible from the .*****p file and google as much as possible. That will lead you to a ‘method’ of hiding information that can evade monitoring systems from detecting it. Once you know what ‘method’ is being used, look for ways to extract info from it.

For root, which was non-trivial for me, look for programs that use higher privileged accounts and try to abuse them. What would you do to these programs who used higher privileged permissions so you could get root.txt ? To be very honest, I felt this part of the problem was like trying to find a needle in a hay stack. Please PM me if there’s a better way to find root.

I got root if anyone needs a hand, send me a message

ROOTY ROOTY IN THE PATOOTIE!!! just got root lol Honestly, it was really easy don’t over think it.

Got user this afternoon and managed to get root this evening - woo! Everything you need is on the forum! Went down a bit of a rabbit hole for the priv esc, but then reviewed my enum script output properly and did some googling on each line. Once I found the odd binary, I had to reset the box as it wasn’t working initially (someone messed it up a bit…) Thanks for the help everyone. Happy to help if anyone is a bit lost

Hi everybody,

I’m stuck at the metasploit part for a while :frowning:
Pretty sure I got the right CVE, right port (there is more than one) and exploit but keep getting ‘‘but no session was created’’… i’ve tried multiple exploit and port, still the same.

Anyone had this issue ? Thank you!

Hi, Sorry for my bad inglish :slight_smile:

I’m already inside, I’m the first user to get all I imagine.
The problem is that I do not know what I’m looking for. It is my first machine. and I feel happy and frustrated.

some clue?

Finally got root! The hints are all here. Took me 4-5 hours tonight, just poking around until I found the right file to exploit.

alt-text

Rooted.

PM me if you need help.

Got user & root, no need of PE at all to obtain the flags since there’s a BIN (HUUUUUGE HINT) which can help you :slight_smile:

Hi. I’ve got shell via msf. Now looking at stego and binary with suid. I’d love to get a hint. Please PM me. either stego or howto to privesc (I can’t figure out on how to use the binary). Thanks

@kwong240 said:
stuck with user, not sure where can I find the b***** file, anybody can help??

Dear, files obscures are list when used command ls -a, try it!