Zipper

Completed this machine if anyone need help feel free to pm :slight_smile:

if u spend more then 30 min to get root …i’m sure u will slap u’r face when u find-out :slight_smile: just like i did …nice box thanks

So I have a stable reverse shell - In the wrong place. I have API access through 3**37 and GUI access with super user privs… Can create and run scripts, but I can’t get the frickin things to execute in the right place. Any advice a depressing friday night like this? I reckon there is an issue with the h****d, but no matter how I fiddle, the outcome seem to be the same. =)

Hi, i have found an interesting s***pt related to priv. esc. I have followed what it does but i can’t read any file. What should be done?

I know how to execute what i want over the J*** A**, but i cannot for the love of god find this spelling mistake everyone is talking about, that “gave up” the admin user creds.

nvm

Finally rooted. Lesson of the day is not to try and exploit a non-reverted machine. Creds to @burmat for this box - I really, really enjoyed it!

Stuck? Feel free to PM for vague nudges. =)

Initial foothold was the hardest part of this machine.
User took a while, but I tried something really basic and it worked. I was overthinking.

Whilst trying to get user I found the root privesc way, I just couldn’t do it. But then it took only a couple of minutes at most.

Great machine overall!

Initial Foothold:
No bruteforce. Think smart. Take what you can with what you have. Something may look similar or like a typo, but it’s not.

User:
There’s something unusual running around. Check what it does, how it works, you may find useful information on your quest

Root:
There’s really only one place that hints you about anything to do with root. Think smart about the possibilities that you have in hands. You may need to really understand the User step.

If there are any spoilers please PM me and I’ll quickly remove it. Thanks!

nvm got user

rooted, love this machine!

I have a shell but not in the right place, can anyone pm me hints on getting to the ‘right place’

@Jxsh said:
I have a shell but not in the right place, can anyone pm me hints on getting to the ‘right place’

I am in the same place as JXSH , can somebody PM for hints ? Thanks in advance

Done. Most challenging part for me was initial login to web app.

Any hints for a stable shell? If I still overthinking it’ll die haha

Rooted, really good machine the priv esc taught me a lot.

■■■!! I want to kill myself. All this time z****r password was in front of me and I never tried to use it because I was convinced it was only used in that script. Im such an idiot.

Now going for root.

Edit: got root. :slight_smile:

I’m just too stupid.
I have access to the A**** Panel and also have created an S*****. I’ve tried everything on Tri***** and Ite**. But I don’t get it executed.
Please PM so that I can make the first step towards user

Can i get help related to priv. esc.? My scripts doesn’t give me any clue.

Got root before I got user using -* Anyone that did it the other way around that want to PM me how they got user and then root?

:smiley: Nice box!!! I ended up stuck down the rabbit hole for a bit, eventually got out and then the box just hung every minute! So frustrating :frowning: Revisited today and all was good again. I guess the hanging was because of all of the Hydra brute forcing (HINT: As many have said… It’s not needed! Just take a look around and guess!)

I went straight to root and then grabbed both flags. Then worked out afterwards how to move to user when typing up my notes. Getting user was def harder than getting root.

Would be interested to know more about the js** A** part of the website. Feel like I could have got more out of that, but didn’t have much success.