Just got started - enumeration still going; found W***z**g while doing stuff manually is this the right path? Can we get RCE this way through debug or do I need to look harder at some errors?
EDIT: Yup, now have shell as technoweenie, working on getting user. Can’t seem to find anything pertinent to privesc. I must be missing something. I’ve run a few enumeration scripts and monitored processes to no avail.
EDIT 2: Well I got user.txt from the one with the God complex. I’ve seen g****** and b*****e*********** mentioned in this thread much to my chagrin. I might give it a crack when I’m feeling up to it. Thanks @Dmwong for the hint
Done root , nice machine thanks to @Ic3M4n@f4d3@postrequest@DeCipher DM me on mattermost @lokendra if you need a nudge , This machine is awesome like october
hey guys, I hacked the Gibson, found the garbage file but I’m still the techno weenie (even watched the movie again)… can anyone help me to a “better” user?
Just got started - enumeration still going; found W***z**g while doing stuff manually is this the right path? Can we get RCE this way through debug or do I need to look harder at some errors?
EDIT: Yup, now have shell as technoweenie, working on getting user. Can’t seem to find anything pertinent to privesc. I must be missing something. I’ve run a few enumeration scripts and monitored processes to no avail.
EDIT 2: Well I got user.txt from the one with the God complex. I’ve seen g****** and b*****e*********** mentioned in this thread much to my chagrin. I might give it a crack when I’m feeling up to it. Thanks @Dmwong for the hint
hey guys, I hacked the Gibson, found the garbage file but I’m still the techno weenie (even watched the movie again)… can anyone help me to a “better” user?
If only you had someone in your group who could help you shed some light on where you should cast your shadow.
Sure would be a good practice, like taking regular backups!
Stuck on getting user but I’m sure I’m super close. Poked around in the darker recesses of the box and found something that yielded a potential result but I can’t go any further with it. Am I missing something else that’s really obvious?
Edit - Nvm, looks like I was being too impatient.
Working on root. Looking for help.
Process dies with “Got EOF while sending in interactive” just as root shell spawns.
This does not happen on older ubuntu machines, but happens on 18.04.
Any hints how to prevent this? Feel free to PM. Thanks!
Stuck in the same place. Exploit works fine locally. Have tried multiple different ways to debug and either hangs or reaches EOF. Tried multiple different linked stuff as well.
Also stuck in the same place, have made it work on my machine with both a custom chain and the easier library way, both work for me, but neither work on Ellingson. I’m using ssh with the toolset we are all using. Stage 1 works but stage 2 keeps failing with EOF.
Working on root. Looking for help.
Process dies with “Got EOF while sending in interactive” just as root shell spawns.
This does not happen on older ubuntu machines, but happens on 18.04.
Any hints how to prevent this? Feel free to PM. Thanks!
Stuck in the same place. Exploit works fine locally. Have tried multiple different ways to debug and either hangs or reaches EOF. Tried multiple different linked stuff as well.
Also stuck in the same place, have made it work on my machine with both a custom chain and the easier library way, both work for me, but neither work on Ellingson. I’m using ssh with the toolset we are all using. Stage 1 works but stage 2 keeps failing with EOF.
Same boat here, if anyone wants to toss me a hint I’ll take it. Learning a lot about the b** e* Ropes though.
hey guys, I hacked the Gibson, found the garbage file but I’m still the techno weenie (even watched the movie again)… can anyone help me to a “better” user?
If only you had someone in your group who could help you shed some light on where you should cast your shadow.
Sure would be a good practice, like taking regular backups!
hey guys, I hacked the Gibson, found the garbage file but I’m still the techno weenie (even watched the movie again)… can anyone help me to a “better” user?
If only you had someone in your group who could help you shed some light on where you should cast your shadow.
Sure would be a good practice, like taking regular backups!
Already found where to cast my shadow but hit a wall. What I thought should work for a “better user” doesn’t
Can I pm you for a hint ?
Am I going the right way using s** with i*_r** I found? Still getting password prompt when trying to login as user h**
I think it’s the right way.
Do you properly point your key with ‘-i’ ?
Yup.
you’re almost there but I think you’re having it backwards. It’s more a game of what the server needs from you to log in without a password than the other way around
you’re almost there but I think you’re having it backwards. It’s more a game of what the server needs from you to log in without a password than the other way around
How so? I’m giving it the i*_r** key. Am I missing something else?
you’re almost there but I think you’re having it backwards. It’s more a game of what the server needs from you to log in without a password than the other way around
How so? I’m giving it the i*_r** key. Am I missing something else?
There’s a specific file you can write into that will help you more than providing the server with its own private key
hey guys, I hacked the Gibson, found the garbage file but I’m still the techno weenie (even watched the movie again)… can anyone help me to a “better” user?
If only you had someone in your group who could help you shed some light on where you should cast your shadow.
Sure would be a good practice, like taking regular backups!
Already found where to cast my shadow but hit a wall. What I thought should work for a “better user” doesn’t
Can I pm you for a hint ?