Mark me down as another one of those that has RCE, but is having trouble getting a shell to be more efficient/figure out what to do next. I’m pretty new to all of this, so wouldn’t mind some tips!
Edit: of course I figured it out ten minutes after posting this.
After another big chunk of work I finally popped user. Turns out I was on the right track but overlooked a very simple concept. Turns out the answer for the RCE was staring me in the face. Thanks for all the help everyone!
I am stuck at root … I dont have much knowledge with networking n all …should i try rooting ? spend some time but reaching no where …any hint is appreciated …thanks
I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.
I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.
I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.
Many Thanks
Hi
Do not give up … If you still need some direction pm me
Could you please show me a direction in privesc for carrier ?
I read about B** and A* .I understand that we have 3 As and our machine is in A1** …
Its using q***** service with B** …
I read from the t****** and found about the V** issue of connecting to an F** to 10.****** network .
I added the entry " network ******* " b**.c*** as
And use nc to listen …
I know i am missing something here …Am i in the right direction .It would be great if you give me a hint
Hi
I think I am very near …
I have the f** req captured using nc …I tried setting up p***** F** ser*** . but couldnt succeed…tc**** is not showing any data
Hardest box I’ve been doing so far. Finally rooted that b*tch. Thanks a lot to @snowscan for making this, I learned a TON of new stuff.
User is easy and there is plenty of hints already in this thread ; as for root, there are quite a few gotchas on the way to root.txt.
Some things that messed with me for some time : if you change the .conf of a service, be sure to write it and/or to restart the associated service so it gets accounted. Also, interface changes can be your friend. And last, but not least : be polite, say HELO.
Thanks a lot to @f1ndm3 and @Downloading for confirming I was on the right path, as well as @Xess , with whom it was quite fun to work
I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.
Many Thanks
EDIT: Got ‘user.txt’ now. Thanks to @sillydaddy daddy and @Xess for the advice.
Hardest box I’ve been doing so far. Finally rooted that b*tch. Thanks a lot to @snowscan for making this, I learned a TON of new stuff.
User is easy and there is plenty of hints already in this thread ; as for root, there are quite a few gotchas on the way to root.txt.
Some things that messed with me for some time : if you change the .conf of a service, be sure to write it and/or to restart the associated service so it gets accounted. Also, interface changes can be your friend. And last, but not least : be polite, say HELO.
Thanks a lot to @f1ndm3 and @Downloading for confirming I was on the right path, as well as @Xess , with whom it was quite fun to work
I’m not going to give up on this box. Despite spending way too long staring at the screen.
I have access to the webpage and I feel like I need to inject some code, via burp, into the d**g page. This is where my lack of experience is starting to show and is where i need some assistance progressing to ‘user.txt’
I’d rather not be told the answer as I’m here to learn, but if there is something I can read that may lead me the way or if someone can give me a little nudge in the right direction I would be grateful. Feel free to drop me a message.
Many Thanks
EDIT: Got ‘user.txt’ now. Thanks to @sillydaddy daddy and @Xess for the advice.