Irked

Could someone find it in their heart to help me out with root? I’ve been staring at the SUID files, but cannot figure out which one to use…

EDIT:
I’ve googled all of them but could not find a way to privesc, that or i’m completely blind.

Type your comment> @Vex20k said:

Could someone find it in their heart to help me out with root? I’ve been staring at the SUID files, but cannot figure out which one to use…

I feel you bro. Same here…

any hints for priv esc please??

So the steg stage was a nice little CTF challenge, pretty obvious once you realise where to get the {spoiler} and the right program to use.

Anyways, Root??!! Stuck on this one, done my privesc check, got ALOOOOTTT of output, fair few warnings, where the ■■■■ do I start?

Help would be great, no answers, just a nudge in the right direction would be cool B-)

I need some advice on root. I know there is a file named V******* but I am not sure what to do with it.

Type your comment> @boolean700 said:

I need some advice on root. I know there is a file named V******* but I am not sure what to do with it.

nevermind

Type your comment> @PifflePaffle said:

@vitorfhc said:
I found the b file, I understood it and know from where it comes from but still stuck… Any hints?
Edit: i tried using the things name as password, things like that and nothing :frowning:

I’m in the exact same situation at the moment. Got the file and seem to get the general idea of it but i’m still overlooking something(probably something trival as well). Can someone pm me for a nudge in the right direction?

Edit: Thank you all for the amazing help! I managed to find user. As most i was making it way too complicated in my head and overlooked things that i shouldn’t have. Good learning experience tho.

can i get some hints too? staring at it for hours still not getting it

Type your comment> @Vex20k said:

Could someone find it in their heart to help me out with root? I’ve been staring at the SUID files, but cannot figure out which one to use…

EDIT:
I’ve googled all of them but could not find a way to privesc, that or i’m completely blind.

Attention time

Managed to get root, but I’m not sure if this was the intended way at it seems way to easy.

Could someone PM me to check if this was correct?

can I get a hint via PM? enumerated all ports, did not find an exploit…
i know i need to use steg at some point too

Learned something with this box. As everyone else has mentioned plenty of hints in this forum.

User: Pretty straightforward if you thoroughly NMAP and search for exploits on the services that show. Once in the box ENUMERATE. There is an interesting file with instructions.

Root: Use well-known linux priv-esc guides. You’ll find a file that gives an interesting output. This is where I got tripped up. THINK ABOUT the output and what it’s doing. THINK about who it’s running as. Then THINK about how you can help it accomplish it’s goal.

can I get a hint via PM? enumerated all ports, did not find an exploit yet
did it go rough in connecting with you as well ??

hey guys i found a user.txt but i need permissions to open it and guessing how , anybody can pm ??

I got the right metasploit exploit, adjusted it to match the details of this machine and I always get exploit completed, but no session created…

Can anyone PM me with some help?

Thanks to whoever deleted l*******rs …

I, ummm, well I got to root… from low priv shell so I have well and truly missed what I am supposed to do on this box. Just reading these comments tells me there is some steg in here… totally missed it :confused:

I’m gonna have to go back and start again and see what I missed lol

Just rooted; for anyone trying privilege escalation to root, I believe it was already said it’s a particular binary. Make sure to carefully read all its output, i didn’t notice the thing at first then went on to the next…
No need to search for exploits on the web to execute on the machine.

Fot the steg, you get one part right in your face when you start, then the other one after the low priv shell. Nothing mind blowing though, if you got root anyway just skip it, or do some steg challenge if you really want.

Ive got the low priv shell, found the *****p file and got the interesting contents from it. Now I just am not sure what to do with that info.

Found the user but don’t know what to do know. I know everyone says enumerate but that’s not that helpfull. Apparently I am looking for an s*** priv esc but never done one and i also cant find a file with the s*** bit set.

any help/tips?

@veepn said:
Ive got the low priv shell, found the *****p file and got the interesting contents from it. Now I just am not sure what to do with that info.

You got the second piece of that puzzle, now go back to one of the first thing you (probably) did when you started on this machine to get the first piece.

@Calvo said:
Found the user but don’t know what to do know. I know everyone says enumerate but that’s not that helpfull. Apparently I am looking for an s*** priv esc but never done one and i also cant find a file with the s*** bit set.

any help/tips?

You can’t find any? Like at all? Are you looking for it manually?
Don’t wanna sound rude, but you at least gotta know basic linux commands before trying to hack linux machines. Read the find manual, you can filter for file permissions.