Lightweight

Type your comment> @evilcall said:

Hi,Do I have to crack the hash password?

Not at all.

I am stuck on it! I need some suggestions… PM please


Rooted!

Hi guys… someone can give me an explanation about the root step and why it works ?

Type your comment> @evilcall said:

Hi guys… someone can give me an explanation about the root step and why it works ?

mhhh if you got the flag you should know why it works. Anyway, (un)fortunately this discussion gives away too much hints and spoilers after three months and a half. Just read it and you should have enough information to find the answer.

@0xEA31 Thank you for teaching me a few new things. It took a while to free my mind, but it was definitely an interesting box.

same, I’ve been staring at the screen for 2 days now trying to figure this out… when I did i could have slapped myself.

anyone managed a full shell on this box?

Type your comment> @Ripc0rd said:

anyone managed a full shell on this box?

For those managing to get root.txt but not root shell, if you found the same article I found, you just need to read the rest of the article. It doesn’t take 44 days.

Can anyone DM me for some hints on lda***er2? I don’t have much knowledge on LDAP

Type your comment> @Ripc0rd said:

anyone managed a full shell on this box?

I’m happy to send a PM your way if you need help with getting a root shell.

Type your comment> @clmtn said:

Type your comment> @Ripc0rd said:

 anyone managed a full shell on this box?

I’m happy to send a PM your way if you need help with getting a root shell.

Yes pls. Like to try and get full shells rather than just reading the flags

Hi, I’m running the tp scan, but I only found other user nmap script scan…
Also, why copy a file is f
hard ? you can’t cat, you can’t reverse html server, scp doesn’t work for certain file, rcsync either, I even try to zip my .c** file but no, that’s really impossible…
I use more command and copy/past, so for binary file it is not working…

Ok… so no ■■■■ there I was. I have a ssh connection with the host machine. I have hashes from a certain service. I cannot crack said hashes nor have I been able to replay them as I shouldn’t be able to due to the fact I’m in a *nix environment…

I have t******ed certain protocols to gain further information to no avail…

Throughout the forum I have noticed individuals stating that you do not need that hashes, and in fact at one point one individual said you could replay them…

I am lost in the sauce here gents, if someone could PM me or give me a nudge I would greatly appreciate it. My ego depends on it. I’m just trying to get user…

Can someone please pm me the tcpdump syntax that works? I tried using '-i any ’ but I can get no activity for the ld_____1 or 2 users. Thanks in advance

I have opened t*****p and listened the 389 port for a while, nothing happened after 10 minutes, am I at right path please?

Yeah I got lucky at one point and gathered hashes. However comma… the hashes I obtained weren’t crackable with the rockyou.txt.

There is an easier way to obtain the hashes without actually listening on the box… I DO NOT know if that’s the right avenue of approach though.

please pm me how to get user

Finally, get root.txt I’m finding the way to get root shell. special thanks @clmtn for hints on user part. Feel free to PM me.

Hi chaps
Am new to this lark, although a seasoned programmer. Spent over a day on this one, guess it’s not a spoiler to say I have some usernames and credentials.
WTF do I do with them? I tried the obvious but just doesn’t get accepted.
Would love a PM if someone wouldn’t mind, I know there’s something massively obvious but I’m out of sanity.
Thanks

@nigs read this post from the start it literally has everything.