Irked

I got the right metasploit exploit, adjusted it to match the details of this machine and I always get exploit completed, but no session created…

Can anyone PM me with some help?

Thanks to whoever deleted l*******rs …

I, ummm, well I got to root… from low priv shell so I have well and truly missed what I am supposed to do on this box. Just reading these comments tells me there is some steg in here… totally missed it :confused:

I’m gonna have to go back and start again and see what I missed lol

Just rooted; for anyone trying privilege escalation to root, I believe it was already said it’s a particular binary. Make sure to carefully read all its output, i didn’t notice the thing at first then went on to the next…
No need to search for exploits on the web to execute on the machine.

Fot the steg, you get one part right in your face when you start, then the other one after the low priv shell. Nothing mind blowing though, if you got root anyway just skip it, or do some steg challenge if you really want.

Ive got the low priv shell, found the *****p file and got the interesting contents from it. Now I just am not sure what to do with that info.

Found the user but don’t know what to do know. I know everyone says enumerate but that’s not that helpfull. Apparently I am looking for an s*** priv esc but never done one and i also cant find a file with the s*** bit set.

any help/tips?

@veepn said:
Ive got the low priv shell, found the *****p file and got the interesting contents from it. Now I just am not sure what to do with that info.

You got the second piece of that puzzle, now go back to one of the first thing you (probably) did when you started on this machine to get the first piece.

@Calvo said:
Found the user but don’t know what to do know. I know everyone says enumerate but that’s not that helpfull. Apparently I am looking for an s*** priv esc but never done one and i also cant find a file with the s*** bit set.

any help/tips?

You can’t find any? Like at all? Are you looking for it manually?
Don’t wanna sound rude, but you at least gotta know basic linux commands before trying to hack linux machines. Read the find manual, you can filter for file permissions.

Type your comment> @xnand said:

@veepn said:
Ive got the low priv shell, found the *****p file and got the interesting contents from it. Now I just am not sure what to do with that info.

You got the second piece of that puzzle, now go back to one of the first thing you (probably) did when you started on this machine to get the first piece.

I got the steg info, just not sure what to use that for. I am not sure I guess what service I should be attempting to login to with that information

Am I supposed to crack that DES Unix hash?

@veepn DM me

Type your comment> @vivek7497 said:

@veepn DM me

Just did, I feel like im just missing something so basic

Rooted. PM for hints :slight_smile:

I know im getting close to root. This is killing me

I have the initial shell and have the info inside of the b****p file but i have no idea what to do with this

If anyone can DM me a hint to help me finish, I know I got all the right stuff for root but cant seem to figure out what to do with it. I found the file that doesnt belong. Its looking for a directory thats not even there. If I make it, what am I suppose to put inside of it? Or am i going the complete wrong direction.

Rooted. not quite sure what I did or how it worked but I did it so…
Thanks to @Boolean700 and @LordImhotep especially for their help

Rooted. I had it the entire time since last night but was missing something so basic and simple. Special thanks to @vivek7497 for the tip.

This box definitely took me a long time to get… But still very new to the hacking world, so learnt a crazy amount with just this one box. Finally managed to get root, but also didn’t understand the b****** part. I found it and read it, but didn’t see the connection. Makes it more annoying when all the comments say “its right in front of you” but you just cant get it… A PM about it would be great please. Want to see what i missed in prep for other boxes.

Thanks to everyone in the comments though. The subtle nudges here and there really helped!

After hard boxes like BigHead and HackBack, hacking this machine is pretty easy and pleasant leisure. It would be a mistake to miss this box. Catch the time to hack it before it retired.

It was really pleasant for me to pass it again although I already passed it a long time ago.
Like traveling in the past, when I thought that Irked was a hard challenge.

Found the user.txt file have no clue how to read that, can someone give me a little tip?