Irked

i got it. Try harder…

this box was really fun - it took me a while and a bit of frustration but finally, I got it :smile:
feel free to DM me for pointers :+1:

On the box, and have enumerated the d******* user. Also ran ./L***** to try and get somewhere with privesc, but haven’t managed to find that “thing” everyone seems to be talking about… I’m pretty unfamiliar with general Linux processes, so this is proving to be more difficult for me than I’d imagined… Anybody willing to provide a nudge? It’d be greatly appreciated :slight_smile:

A nice box, definitely learned a lot again and brought me back into it after having to take a break for some time. After a nudge or two from @4r514n I stopped blinding myself. Thanks for the box! :slight_smile:

Got user flag in about 20 mins and then spent around 1,5h slamming find and reading through lists of files looking for something out of the ordinary. More linux knowledge would have made this much less painful and slow so time to update the good old studying list for the nights to come!

Thanks for the challenge!

nice box, took around 5 mins to get a shell, another hour to find user and another hour after that to get root. (Mainly because I was expecting it to be harder than it was and went down a rabbit hole)

Managed to get user after a struggle of figuring out how to use s************.

Now I’m stuck on finding the appropriate binary. I think I might know which one it potentially is but I don’t think I’m using it right. Can someone PM please and confirm if I’m on the right track?

Hello Community! On the box, I got the User access somehow. Now, I’m unable to get root. Have Googled i** exploit and most of the tutorials showed a root access. Can someone guide me through this? Also, have enumerated and found a few doubts. Whom can i pm?

EDIT: Thanks @4r514n and @merlinthebox! Got Root!

So from the low privileged shell straight to root, I have no clue what the .b***** file is or where the steganography part was involved. Can anyone tell me if this was the intended way? I just got a reverse shell and then abused a binary, was user needed?

I was stuck on priv esc for a long time but I finally got root after taking a break. This forum was plenty to help me and I don think I would have got root without it. Definitely learned a lot more about linux! Great beginner box. The steg part was fun :slight_smile: Feel free to PM if you have questions, even though I’m sure there are more experienced people in this forum that can help too

Finally got root, directly went for root instead of going for user and then root
Nice box!

hint for root: just look for unusual binaries

GOT ROOT PING FOR HINTS

Lolz once root system and get flags, just remember to remove your poc or footprints. Make clean for next tester.else it is very irritating .

Type your comment> @Naerz974 said:

I have owned the machine. The way I go to get root & user it’s weird. I compare it to the wirte ups available and no one did like me. Someone who ownd the box can pm me to discuss of it ? :slight_smile: Thanks in advance!

Where you got write-up

Can’t seem to get the metasploit working even though I’m certain I’ve used the correct options can someone PM me with advice?

I have user. I have enumerated some processes running as root and have a theory to get to root, but my ideas haven’t translated to any pwnage. Can someone DM me a nudge?

Going for root: found something weird running that had a name that made sense wrt to the username. There’s an privesc exploit for it, but it says I don’t have the permissions…

The look for something unusual sounds like a good plan, but after doing LinEnum I have pages of stuff that looks unusual to me :frowning:

Might have to ask for hints on this one…

I hate to ask for help but if someone could spare a minute for me to see if what I’m doing should work? I am working on the i** service but the stuff I’m trying is failing and I thought for sure I had it figured out.

Got it. This thingy demanded no exploits from me at all, just meticulous enumeration. Notice the unusual. If only other ones were so straightforward)))

Type your comment