Lightweight

Need help. I have t*****p. I have found what looks like a string associated to a user. But unsure what Todo with this? I cannot use it for SSH? Any hints?

Edit im ashamed i even asked haha

hey,
i could also need some help :confused: i used t***p and found something that looks like creds. although they seem to work with lp for l*******2, i cant get anything out if it…
PMs are welcomed! :slight_smile:

Edit: rooted. Fun machine and learned some new things.

need help with the tc****p command, not sure if im being too specific or have the wrong flags

I’m stuck here. i got the 10***** login. I have used the tcp to capture any packets. i got a Sr H**0 packet. i’m using wireshark to read it. I see what looks like a hash but has … on the end. I’m new to this all and love learning everything I can, but now im stuck. anyone will to pm me and discuses whats next or maybe a link to a site to send me in the right direction.

edit got both users stuck on root.

I am stuck on user. I have used tc****p to capture packets and output it to a pc** file but I cannot find anything in it. Anyone can give me some hints?

hmm, time to ask for some assistance. I have been looking at tcp and jx , have goit packets, i understand cant used the $6$ salts, looking in packets for some type of message. Should i be looking at this on the host itself or the client, going round in circles here, could someone give us a nudge please.

I was able to figure out how to get user2 password by reading the comments in this forum. However, i have no idea how it actually works.
What am i seeing with t*****p? What is that string that is used as the password?

Can someone PM me and explain to me or point me to a good article? Im having trouble understanding how I got this password

Thanks in advance

Anyone willing to nudge me on this box?

anyone able to give some assistance on root shell. got all flags, but have been hitting a wall on root shell, have been using capXXXXXXXXXXies, but i must be missing something, as i cannot complete it through to being able to get to root

If any one can help push in the direction for rooting? I have an idea that it deals with o**l and //s****w. Dont know if im looking down a rabbit hole or not. Thank you

Owned. Really liked this one!

No CTFish at all and it forced me to learn a lot of things. Nice!

If you need any help feel free to PM me

got it, root shell, missed a stupid step,

Root needs literally 1 minute, don’t overthink. You have 2 things over there, 50% and 50%, you have good chance to get root flag at first try like me.
You can root shell too, if you can read root.txt that means you can write root files too, but it’s not necessary to do because you risk to broke the machine and ruin the penetration to others :slight_smile:

For anyone with problems with tp on the initial phase: I don’t know how, but yesterday I didn’t get anything, today in 5 minutes I got 3 connections.
I don’t know if someone wrongly helped me with a enumeration to that service (like requiring a reset from web site or getting banned for bruteforce), or if there is a cronjob.
I doubt yesterday machine was broke.
So, while you are using t
p, try to do something to the webserver to force PHP sending requests to that service.

Hey guys can a capability guru PM me please? I got root but I am not 100% sure why. I have a theory but I would appreciate
if someone could confirm.

Read a different man file and I got my answer thanks :pensive:

I ran t****** for hours but still i cant get anything.I just get the ldapsearch, web related traffic but no noise captured I made around 10-20 different pc** file even imported as normal text so i can look for anything missing but still no good can anyone help me with that.

Can somebody give me a hint about root shell. I’ve successfully did a reverse shell to my PC with o*****l binary, but get it under ldapuser1. Don’t understand where I’m wrong.

I have been struck in user for days now.I’m running t*****p inside the box for hours and hours looking out everything I can still unable to get that information for the user. Am I doing something wrong or just I am unlucky that I can’t get that.

Type your comment> @sahil0x08 said:

I have been struck in user for days now.I’m running t*****p inside the box for hours and hours looking out everything I can still unable to get that information for the user. Am I doing something wrong or just I am unlucky that I can’t get that.

Finally rooted the box thanks to everyone who helped me out after getting user it was like ■■■■ lot of easy to root the box.

Edit : Got root :slight_smile:

Fun little box :slight_smile:

Wow this box was awesome! Didn’t have any knowledge on capabilities… Could never root it if it wasn’t for all the people hinting at them :slight_smile:

For people struggling with root, search well on google for this!