I have low priv shell, user.txt, b***** file and I have read a lot of steg stuff, I have checked all the challenges, next step is to buy a Desert Eagle .50, it was a pleasure guys LOL
Edit: I also realize in b***** file the K***** code but nothing to do with that, not in the web at least.
Struggling to solve the steg part. I was learning about steg a while ago but appear to have forgotten nearly everything. I think I’ve pull some info but unsure how to use, so far all attempts to use where I think it should be used have failed.
Hey Guys, Any help to get root would be appreciated. This is my first box on here and I was able to enumerate and find file which led me to getting the user.txt file. Afterwards I review the process and try a few basic escalation techniques which didn’t workout. I than ran a another enumeration tool and I believe I know the exploit to get root but for some reason any variant isn’t working. Any thoughts on it, It almost annoying like a C0w that out of milk.
Awesome beginner machine. Really good for those getting used to pentesting and a little fun CTF type challenge for user
Foothold: Enumerate! You don’t need anything besides nmap and msfconsole
User: a CTF like challenge. Find the first piece of the puzzle doing basic enumeration of files and directories and then the second piece is just thinking about what you may have seen already if you visited the ports from nmap.
Root: This part is really trivial, although remember the machine is called Irked for a reason, so what is needed for doing the privesc maybe hiding in plain site, just think of the normal privesc methods (cron jobs, PATH, setuid, kernel, sudo rights) and go through them. HINT: you don’t need a kernel exploit here.
So far this is my favorite ‘beginner’ box that I’ve done.
Ok, I hit a wall. I am positive is have the binary needed for priv esc. However, I am not entirely sure what to do with it. I can run it, but the output is not that helpful.
@bu77er0verfl0w Finally got root. Thanks alot for that general tip. @dolphoneman I would read and go back through some of the basics. If you believe you found an binary, Do some digging, you should know what to do it.