Lightweight

I connected through ssh, run tc****p and export it in pcap file, waited over 2 hours, did it 9 times (9 different pcap files) but in all of them for user1 and 2 I only got the crypt values, the only simple was for ROOT but with no data, am I missing something?

Edit: Nr10 pcap did the job!
On to root, o*****l is a nightmare! any hints are welcome!!
Edit2: rooted! Thanks @brianma for your help!

User flag took about 1,5h of fiddling and reading about the software in use. Based on the posts here some people have listened the traffic some other guy initiated and therefore gave advise that’s gonna be a loooooong wait if there’s no one else doing the box.

If you can’t find anything by listening harder think of a place where you might have witnessed a weird delay with no clear explanation.

The climb towards root took me about 5h and I probably wouldn’t have figured it out in any reasonable time without the hints in this thread. They’re a useful resource when you hit a blank and can’t even figure out anything to google or learn that would help you.

So thanks everybody for the hints without outright spoiling the machine and thanks to the maker of this challenge. You guys “force” me to learn new stuff all the time : )

im trying to uzip the b****.*z file but my wordlist doesnt seem to work, any help?

Type your comment> @thewildspirit said:

im trying to uzip the b****.*z file but my wordlist doesnt seem to work, any help?

Rockyou.txt gets there eventually

Can I PM someone for a nudge ?

@Sevuhl said:
Can I PM someone for a nudge ?

Go ahead.

Hi,Do I have to crack the hash password?

Type your comment> @evilcall said:

Hi,Do I have to crack the hash password?

Not at all.

I am stuck on it! I need some suggestions… PM please


Rooted!

Hi guys… someone can give me an explanation about the root step and why it works ?

Type your comment> @evilcall said:

Hi guys… someone can give me an explanation about the root step and why it works ?

mhhh if you got the flag you should know why it works. Anyway, (un)fortunately this discussion gives away too much hints and spoilers after three months and a half. Just read it and you should have enough information to find the answer.

@0xEA31 Thank you for teaching me a few new things. It took a while to free my mind, but it was definitely an interesting box.

same, I’ve been staring at the screen for 2 days now trying to figure this out… when I did i could have slapped myself.

anyone managed a full shell on this box?

Type your comment> @Ripc0rd said:

anyone managed a full shell on this box?

For those managing to get root.txt but not root shell, if you found the same article I found, you just need to read the rest of the article. It doesn’t take 44 days.

Can anyone DM me for some hints on lda***er2? I don’t have much knowledge on LDAP

Type your comment> @Ripc0rd said:

anyone managed a full shell on this box?

I’m happy to send a PM your way if you need help with getting a root shell.

Type your comment> @clmtn said:

Type your comment> @Ripc0rd said:

 anyone managed a full shell on this box?

I’m happy to send a PM your way if you need help with getting a root shell.

Yes pls. Like to try and get full shells rather than just reading the flags

Hi, I’m running the tp scan, but I only found other user nmap script scan…
Also, why copy a file is f
hard ? you can’t cat, you can’t reverse html server, scp doesn’t work for certain file, rcsync either, I even try to zip my .c** file but no, that’s really impossible…
I use more command and copy/past, so for binary file it is not working…

Ok… so no ■■■■ there I was. I have a ssh connection with the host machine. I have hashes from a certain service. I cannot crack said hashes nor have I been able to replay them as I shouldn’t be able to due to the fact I’m in a *nix environment…

I have t******ed certain protocols to gain further information to no avail…

Throughout the forum I have noticed individuals stating that you do not need that hashes, and in fact at one point one individual said you could replay them…

I am lost in the sauce here gents, if someone could PM me or give me a nudge I would greatly appreciate it. My ego depends on it. I’m just trying to get user…