Irked

@Epictetus said:
Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?

Also hint for root, contrary to a lot of people here I wasn’t abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that’s not too spoilery!

have you tried frolic yet? That is also a CTF like box.

OK, this was my first box after playing around on the retired boxes for a few days. It took me approx 4 days (on and off) to get both user and root. So much was learnt and I’m not sure how much of it I would have done without the hints from you folk, so thank you.

I will say that some people need to be careful just how much of a ‘hint’ they offer publicly. Some were a little too close to being a spoiler.

However, with that said, I thoroughly enjoyed the learning curve and look forward to many more sleepless nights.

You guys need to stop abusing the rest button and give people chance to root the machine , ive spent hours trying to enumerate with a low shell. Please can you stop the madness already !!!

I got root. This is my first box hacked. Is there a “flag” I’m supposed to get? What does it look like? What do I do with it once I get it?

Found the P****.txt after doing the stego step but not sure what to do with this.
can someone pm me ?

hey its Hank

Can someone give me a nudge regarding the S**D thing please? I’m a total N00b, but have got user, and feel I’m so close to my first root…

fellas?

@l30n said:

@Epictetus said:
Rooted, got the user.txt following root. This is probably the most ctf like box I have ever done. Can someone let me know what tool I was meant to use on the user file to reveal its contents?

Also hint for root, contrary to a lot of people here I wasn’t abled to just execute a binary and have instant root (could be people not resetting on free server). I was able to execute commands as root by modifying the right file. Easiest way to find is to think how you would locate all files that have different/abnormal permissions. Hope that’s not too spoilery!

have you tried frolic yet? That is also a CTF like box.

I haven’t working my way through help currently! I’m looking more to do real-life style machines, had a look at conceal but reckon that machine will need a good weekend of work to get even close to user haha!

Can someone please PM me about root privesc!
Found the file but no idea how to exploit it!

EDITED: Got r00t!

@xeNx9 said:
Can someone please PM me about root privesc!
Found the file but no idea how to exploit it!

which file? I’m still stuck on this bit…PM me pls…

Hank

Managed to root the box. Was frustrating since after reading some of the comments in the forum while I was struggling to get the user, made it very easy to get root.

User was not so easy for me (rookie) and it was a lot of fun to get there!

The tip from @AzAxIaL totally made it for me! Especially the “full port scans”.

Thank you mate.

@AzAxIaL said:
Finally rooted. Big thanks to @sx02089 and @OldManWinter for the hints.
A good box to learn about really paying attention to results of scans and enumeration scripts.
My tips for those having difficulties.

Initial access: full port scans are necessary, services found will give hints of possible ways in.

User: if you found the .bp file, Google the full term for s, think about a file you found during you initial scans and enumeration that would work with it, and consider how you can use the other information in .b***p to gain access.

Root: As most people have said, enumerate and look very carefully at the results. For those who are not familiar with binaries that are included in a Linux installation, it may take some time to find what you need. Anything that looks unfamiliar, Google it. Worst case, you learn about an existing binary. Anything that is new is worth a look.

PM me if you need any more hints.

Guys can some one PM I’m in trouble to get root I was runing all the U…D files but with no chance to get root or executing arbitrary command, can you PM please thanks

UPDATE, DONE it to get root I was looking from the start in that file but didn’t work, and today works. Hi took me a day for this box really enjoyed good work for the creator.

Agree that I made root harder on this than it should have been. I can see where those newer to *nix operating systems might overlook something so simple. Feel free to PM me if you need a hint.

Getting in and escalating to user was easy enough though. Fun challenge!

finally got root…(collapses into a pool of his own body fluids)…thanks to some great tips from @Epictetus

Ive read all the hints and im still stuck on root , i have a feeling its v… file but no idea how to execute it . Can anyone Pm me for a Nudge cause im clueless

@Epictetus Yeah I don’t really like the CTF machines. Not a real life scenario IMHO

Managed to obtain root :slight_smile: what a Box ! My tip is keep enumerating and do some white and blacklisting with the attack and host linux machine.
You should find what you need :slight_smile:
Thanks for the Hints guys , you guys are awwsome :slight_smile:

Heeeey finally rooted!! If you need some hint for this Challenge feel free to PM me

Having spent nearly two days on a GDB script believing it’s the b*** file with stego people are talking about… I feel obligated to let people know it isn’t.

I found the “real” file, but already popped root by that time. If anyone wouldn’t mind a PM to hint the stego… well I’ve got root already.

@Seth70 said:
The first line of it contains all necessary info. Focus to steg !

Googling that content is one of the strangest searches I’ve ever done. Here’s my first few hits, in order:

  • The Reddit sub for Elite Dangerous
  • A Power Rangers wiki page
  • The_Donald sub on reddit
  • An Amazon page for purchasing Hydrocycut diet supps
  • www.socksaddict.com

If one of these is meant to be a hint I’m out of here :stuck_out_tongue:

Rooted. Fun and pretty easy box.