Swagshop

Type your comment> @Deim0s said:

I was able to log in as an admin on the M****** last night. In the meantime the box has been reset, so I am restarting the same exploit as yesterday but unable to connect. Am I the only one?

Iā€™m having the same issue.

Is this box still getting lumped?? I reset it and its still unavailable as soon as it comes back up -_-

Rooted very easy box !
Ping me in case you need help!

Finally rooted the box. Even though it was very basic privesc and even with the hints given here I was stuck since I woke up a few minutes ago thinking ā€œā– ā– ā– , I am so stupidā€. lol

Could anyone PM me and give me a hand? Iā€™ve got web shell and user flag and Iā€™m pretty sure I know what to do to get the root, but I cannot use it due to ā€œno ttyā€ and for some reason I cannot reverse shell back to my local machine. Wireshark shows that the packets are arriving, on the correct ports too, but just no netcat connections.

rooted, feel i am like a dumb when i figure it out. :frowning:

is there suppose to be fileSystem option under the system tab because it seems to be appearing and disappearing?

@FlompyDoo said:

is there suppose to be fileSystem option under the system tab because it seems to be appearing and disappearing?

This is actually a pretty big hint for the next step for youā€¦ thereā€™s other people on your server making this happen, wonder how theyā€™re doing it?

Iā€™ve now successfully rooted and bought myself a shirt! Thanks to @1c4re1337, @jkr and @dorseyhacks :slight_smile:

Hi, Iā€™m stuck in getting user. I get the tunnel error with the second exploit and I canā€™t find the way to make it work. If someone could PM me to give me a hint, I wold appreciate it. Thanks!

@jajajadex said:

Hi, Iā€™m stuck in getting user. I get the tunnel error with the second exploit and I canā€™t find the way to make it work. If someone could PM me to give me a hint, I wold appreciate it. Thanks!

I came across this error yesterday and the only tip I can give you are unchecking the first options on the M****** C******. (This hint may make sense for you if you read ā€“ and understand ā€“ what is this options for.)

After reverse shell, the privilege escalation is classical as possible. You surely need to understand ā€œpermissionsā€ on Linux. Get the root user of this machine is easy, though. Thatā€™s all. :wink:

Guys, i just rooted the box but thereā€™s no hash in root.txt. Only info about the store. Strange?

@Kapteyns the hash should be at the top of that file :slight_smile:

Just as a hint to help others, to stop you going down a rabbit hole that I have been stuck in the last 24 hoursā€¦ You donā€™t actually NEED a reverse shell to get root (if thatā€™s the method youā€™re going for)ā€¦

Just use your enumeration info to see what you can run and where you can run itā€¦ No need to goā€¦ wild (apologies if this is too huge a hint).

Nevermind, reset worked :wink:

@DrLux0r said:

@Kapteyns the hash should be at the top of that file :slight_smile:

Just as a hint to help others, to stop you going down a rabbit hole that I have been stuck in the last 24 hoursā€¦ You donā€™t actually NEED a reverse shell to get root (if thatā€™s the method youā€™re going for)ā€¦

Just use your enumeration info to see what you can run and where you can run itā€¦ No need to goā€¦ wild (apologies if this is too huge a hint).

Exactly! This rabbit hole stuck me for a few hours.

I am stuck trying to figure out how to get w**-d*** to s**o with v* within the dir that it can for priv esc. I am prompted for a pw every try. Any nudges would be very welcomed, thanks.

@sipfurb said:

I am stuck trying to figure out how to get w**-d*** to s**o with v* within the dir that it can for priv esc. I am prompted for a pw every try. Any nudges would be very welcomed, thanks.

Pay attention to the grant permission you have. (file and directory) ā€“ It is a tiny detail that makes a huge difference.

I am stuck on getting user on the admin panel. could anyone pm me for some hints for a new guy like myself? would very much appreciate it.

Type your comment> @DrLux0r said:

Iā€™ve now successfully rooted and bought myself a shirt! Thanks to @1c4re1337, @jkr and @dorseyhacks :slight_smile:

you welcome :slight_smile: and gg !

Hello Guys,I am really stuck at the tunnel error.Could anyone please just pm a hint on how to fix it,Iā€™ve been at it for two days and itā€™s really annoying