@Epictetus said:
Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?
Also hint for root, contrary to a lot of people here I wasn’t abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that’s not too spoilery!
have you tried frolic yet? That is also a CTF like box.
OK, this was my first box after playing around on the retired boxes for a few days. It took me approx 4 days (on and off) to get both user and root. So much was learnt and I’m not sure how much of it I would have done without the hints from you folk, so thank you.
I will say that some people need to be careful just how much of a ‘hint’ they offer publicly. Some were a little too close to being a spoiler.
However, with that said, I thoroughly enjoyed the learning curve and look forward to many more sleepless nights.
You guys need to stop abusing the rest button and give people chance to root the machine , ive spent hours trying to enumerate with a low shell. Please can you stop the madness already !!!
@Epictetus said:
Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?
Also hint for root, contrary to a lot of people here I wasn’t abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that’s not too spoilery!
have you tried frolic yet? That is also a CTF like box.
I haven’t working my way through help currently! I’m looking more to do real-life style machines, had a look at conceal but reckon that machine will need a good weekend of work to get even close to user haha!
Managed to root the box. Was frustrating since after reading some of the comments in the forum while I was struggling to get the user, made it very easy to get root.
User was not so easy for me (rookie) and it was a lot of fun to get there!
The tip from @AzAxIaL totally made it for me! Especially the “full port scans”.
Thank you mate.
@AzAxIaL said:
Finally rooted. Big thanks to @sx02089 and @OldManWinter for the hints.
A good box to learn about really paying attention to results of scans and enumeration scripts.
My tips for those having difficulties.
Initial access: full port scans are necessary, services found will give hints of possible ways in.
User: if you found the .bp file, Google the full term for s, think about a file you found during you initial scans and enumeration that would work with it, and consider how you can use the other information in .b***p to gain access.
Root: As most people have said, enumerate and look very carefully at the results. For those who are not familiar with binaries that are included in a Linux installation, it may take some time to find what you need. Anything that looks unfamiliar, Google it. Worst case, you learn about an existing binary. Anything that is new is worth a look.
Guys can some one PM I’m in trouble to get root I was runing all the U…D files but with no chance to get root or executing arbitrary command, can you PM please thanks
UPDATE, DONE it to get root I was looking from the start in that file but didn’t work, and today works. Hi took me a day for this box really enjoyed good work for the creator.
Agree that I made root harder on this than it should have been. I can see where those newer to *nix operating systems might overlook something so simple. Feel free to PM me if you need a hint.
Getting in and escalating to user was easy enough though. Fun challenge!
Ive read all the hints and im still stuck on root , i have a feeling its v… file but no idea how to execute it . Can anyone Pm me for a Nudge cause im clueless
Managed to obtain root what a Box ! My tip is keep enumerating and do some white and blacklisting with the attack and host linux machine.
You should find what you need
Thanks for the Hints guys , you guys are awwsome
Having spent nearly two days on a GDB script believing it’s the b*** file with stego people are talking about… I feel obligated to let people know it isn’t.
I found the “real” file, but already popped root by that time. If anyone wouldn’t mind a PM to hint the stego… well I’ve got root already.