Irked

Ok, finally rooted this box but were never able to understand the .b****** file. I have the end result of the file but I cannot understand how they relate to each other. Could someone please PM and explain how to decode it?

Edit: Nevermind, found it. It is not at all obvious for someone whos never done it.

Can someone please PM with help for root? I already listed all S*** and I think I know what I need to exploit, but I’m not being able to. If someone can help!!

EDIT: I just manage to get root, but I’m not really sure how the exploit worked lol. Can someone PM ME with an explanation?

finally rooted, actually user part was easy but privilege escalation is something that can teach u a lot.

feel free to DM me for a nudge

finally rooted, for user look for clues as already given and use google to move ahead.
for root just enumerate all directories.

Hi guys just finished this one pm me if you need a nudge

nice box, got limited shell, worked out the b***p file and it’s relation to another file. Got users, stumbled around with priv escalation and finally got root.txt, could have got a shell, but it was just easier snagging the file and running :slight_smile:

@Parttimesecguy said:

nice box, got limited shell, worked out the b***p file and it’s relation to another file. Got users, stumbled around with priv escalation and finally got root.txt, could have got a shell, but it was just easier snagging the file and running :slight_smile:

believe it or not, this was one of the most helpful tips :slight_smile: thanks!

Got root, but not sure why exactly it worked. Can anyone tell me what exactly that program was doing?

rooted before dj user. Could someone please pm me the solution or a hint for the stego challenge?

Hey all, I believe that I am either overthinking the process or not enough thinking, I found the 22/80/111 but seems to be stuck at that point, I see people saying that root was a couple minutes, but for me it has been 2 days of road blocks, I could really use some assistance…please

Hello, i need some help for provilege escalation. I already run some enum ops to read process and permission info, but i can’t understand which is the process i need to elevate. Thanks.

PM me!

Can someone please reset the box? Apparently some awesome person changed the user pw. Thank you.

EDIT: Thank you!

Stuck on user, saw hints for metasploit but again stuck. I saw others saying to enum R*****D which I believe I have but unsure how to get going. Someone mind helping me out please?

Have managed to get a shell using MSF, found .b***** but struggling to find the binary needed. Haven’t managed to get root or user yet.

Hints

user

If you are lazy you can use a famous tool to make the work for you. just enumerate and you will find the good point. Note that not all the boxes are sames.

root

Enumerate all your system, if you are confident with linux, you will find a strange thing. If not its the timeto enumerate all possible holes.
Just try to play with it and fix problems like a normal user.

PM for hint if needed.

i only got the user hash after getting root… please PM how come so many people were logged in as that other low priv user…?

I have tried SO many enumeration methods at this point… I tried an i** exploit with metasploit, but nothing has worked… Have been stuck on the enumeration part of this box without even getting a low-priv shell for the past 6 (almost 7) days. I’ve read through all 24 pages of this thread numerous times now. Googled, Googled again, Googled 20 more times… Nothing has worked. I’m ready to just give up and try a different box, honestly. I think I need a break.

Type your comment> @Farbs said:

I have tried SO many enumeration methods at this point… I tried an i** exploit with metasploit, but nothing has worked… Have been stuck on the enumeration part of this box without even getting a low-priv shell for the past 6 (almost 7) days. I’ve read through all 24 pages of this thread numerous times now. Googled, Googled again, Googled 20 more times… Nothing has worked. I’m ready to just give up and try a different box, honestly. I think I need a break.

The I** exploit is the way to go. Make some adjustments to the MSF.

@Optional said:
Have managed to get a shell using MSF, found .b***** but struggling to find the binary needed. Haven’t managed to get root or user yet.

try g0tmi1k.

Done. I really enjoyed getting user on it, very easy and didn’t take vary longs as long as you enumerate correctly. :smiley: But still very fun.

Sadly, the road to root is meh… I see some people saying this box is more “ctf” like, which I didn’t really get until i got root. But it is true what people are saying, its starring you right in the face, just think about what is different from your own machine. (sorry cant say much more than that)

For people looking for hints, just read through the earlier posts. There are so many hints, and its not a very difficult box. Take a deep breath, and try harder.