I was able to log in as an admin on the M****** last night. In the meantime the box has been reset, so I am restarting the same exploit as yesterday but unable to connect. Am I the only one?
Finally rooted the box. Even though it was very basic privesc and even with the hints given here I was stuck since I woke up a few minutes ago thinking āā ā ā , I am so stupidā. lol
Could anyone PM me and give me a hand? Iāve got web shell and user flag and Iām pretty sure I know what to do to get the root, but I cannot use it due to āno ttyā and for some reason I cannot reverse shell back to my local machine. Wireshark shows that the packets are arriving, on the correct ports too, but just no netcat connections.
is there suppose to be fileSystem option under the system tab because it seems to be appearing and disappearing?
This is actually a pretty big hint for the next step for youā¦ thereās other people on your server making this happen, wonder how theyāre doing it?
Hi, Iām stuck in getting user. I get the tunnel error with the second exploit and I canāt find the way to make it work. If someone could PM me to give me a hint, I wold appreciate it. Thanks!
Hi, Iām stuck in getting user. I get the tunnel error with the second exploit and I canāt find the way to make it work. If someone could PM me to give me a hint, I wold appreciate it. Thanks!
I came across this error yesterday and the only tip I can give you are unchecking the first options on the M****** C******. (This hint may make sense for you if you read ā and understand ā what is this options for.)
After reverse shell, the privilege escalation is classical as possible. You surely need to understand āpermissionsā on Linux. Get the root user of this machine is easy, though. Thatās all.
@Kapteyns the hash should be at the top of that file
Just as a hint to help others, to stop you going down a rabbit hole that I have been stuck in the last 24 hoursā¦ You donāt actually NEED a reverse shell to get root (if thatās the method youāre going for)ā¦
Just use your enumeration info to see what you can run and where you can run itā¦ No need to goā¦ wild (apologies if this is too huge a hint).
@Kapteyns the hash should be at the top of that file
Just as a hint to help others, to stop you going down a rabbit hole that I have been stuck in the last 24 hoursā¦ You donāt actually NEED a reverse shell to get root (if thatās the method youāre going for)ā¦
Just use your enumeration info to see what you can run and where you can run itā¦ No need to goā¦ wild (apologies if this is too huge a hint).
Exactly! This rabbit hole stuck me for a few hours.
I am stuck trying to figure out how to get w**-d*** to s**o with v* within the dir that it can for priv esc. I am prompted for a pw every try. Any nudges would be very welcomed, thanks.
I am stuck trying to figure out how to get w**-d*** to s**o with v* within the dir that it can for priv esc. I am prompted for a pw every try. Any nudges would be very welcomed, thanks.
Pay attention to the grant permission you have. (file and directory) ā It is a tiny detail that makes a huge difference.
Hello Guys,I am really stuck at the tunnel error.Could anyone please just pm a hint on how to fix it,Iāve been at it for two days and itās really annoying