Hi, I think I overlooked something in my tcpdump I have one day to check this and I’m feel so noob, I can not figure out how to get the credentials, I have try several methods and sniff the traffic in eth0 and lhost but with no success can some pm please, thank you
Anyone have recommendations for a wordlist for backup.7z ?
I did eventually find it. No graphics cards inside my Kali VM.
Anyone mind PM me on getting a root shell? I’m looking for new ideas of where I should write without breaking something.
[root@lightweight ~]# id
uid=0(root) gid=0(root) groups=0(root) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
PM me, happy to help
can you stop reset the box every 2 min !!!
finally rooted , the box its pretty nice i just mess around in the start a few hours , after with the help of @brianma i get the way, thanks i learn a new things and good job for the creator .
I ran tcpdump for an hour and dont see any ldap traffic unless I generate it. Can someone PM a hint?
Without spoiling the fun…
[+] The first 6 or so pages here have EVERYTHING you need.
[+] Shut up and listen to the box. Listen in the right places.
[+] Pay close attention to what you see on the web server. Seriously.
[+] When in doubt, RTFM. Then RTFM again.
[+] Still stuck? Google is your friend.
[+] For root/root shell; if you can read, you can write. Leverage that.
This was actually a really fun box. Little janky at the beginning but honestly, I think the creator did a pretty good job of combining real world issues with a bit of CTF flavor. Not bad at all.
Need help. I have t*****p. I have found what looks like a string associated to a user. But unsure what Todo with this? I cannot use it for SSH? Any hints?
Edit im ashamed i even asked haha
hey,
i could also need some help i used t***p and found something that looks like creds. although they seem to work with lp for l*******2, i cant get anything out if it…
PMs are welcomed!
Edit: rooted. Fun machine and learned some new things.
need help with the tc****p command, not sure if im being too specific or have the wrong flags
I’m stuck here. i got the 10***** login. I have used the tcp to capture any packets. i got a Sr H**0 packet. i’m using wireshark to read it. I see what looks like a hash but has … on the end. I’m new to this all and love learning everything I can, but now im stuck. anyone will to pm me and discuses whats next or maybe a link to a site to send me in the right direction.
edit got both users stuck on root.
I am stuck on user. I have used tc****p to capture packets and output it to a pc** file but I cannot find anything in it. Anyone can give me some hints?
hmm, time to ask for some assistance. I have been looking at tcp and jx , have goit packets, i understand cant used the $6$ salts, looking in packets for some type of message. Should i be looking at this on the host itself or the client, going round in circles here, could someone give us a nudge please.
I was able to figure out how to get user2 password by reading the comments in this forum. However, i have no idea how it actually works.
What am i seeing with t*****p? What is that string that is used as the password?
Can someone PM me and explain to me or point me to a good article? Im having trouble understanding how I got this password
Thanks in advance
Anyone willing to nudge me on this box?
anyone able to give some assistance on root shell. got all flags, but have been hitting a wall on root shell, have been using capXXXXXXXXXXies, but i must be missing something, as i cannot complete it through to being able to get to root
If any one can help push in the direction for rooting? I have an idea that it deals with o**l and //s****w. Dont know if im looking down a rabbit hole or not. Thank you
Owned. Really liked this one!
No CTFish at all and it forced me to learn a lot of things. Nice!
If you need any help feel free to PM me