Writeup

Type your comment> @MRwatch0xff said:

Rooted, thanks for illuminatiguy for the little nudge.
Root for vip users. ssh sessions for the win

Any recommendations for how to proceed as vip user? I see no traffic in monitoring…

Type your comment> @th3location said:

Type your comment> @MRwatch0xff said:

Rooted, thanks for illuminatiguy for the little nudge.
Root for vip users. ssh sessions for the win

Any recommendations for how to proceed as vip user? I see no traffic in monitoring…

If you can’t see the traffic from someone else, create your own, just ssh from a new teminal :wink:

@R3S3T said:
Someone could please give a hint? I found the wr*** page but i dont know what to do next. I also found the cm*** but i cant find nothing about it

Look for open source exploits for the cm*** hint, it’s related to S** In****

I’ve got user, I found a file *****4 but now it’s deleted, is that normal? maybe I wasn’t supposed to find it in the first place

Type your comment> @illuminatiguy said:

Type your comment> @th3location said:

Type your comment> @MRwatch0xff said:

Rooted, thanks for illuminatiguy for the little nudge.
Root for vip users. ssh sessions for the win

Any recommendations for how to proceed as vip user? I see no traffic in monitoring…

If you can’t see the traffic from someone else, create your own, just ssh from a new teminal :wink:

already did, but it seems that after few commands and starting ps** the server is hang and I can’t press any key inside, or typing… no more messages appear…

Someone could help me with the hash part?

Closing in on root, need a nudge though

Type your comment> @th3location said:

Type your comment> @illuminatiguy said:

Type your comment> @th3location said:

Type your comment> @MRwatch0xff said:

Rooted, thanks for illuminatiguy for the little nudge.
Root for vip users. ssh sessions for the win

Any recommendations for how to proceed as vip user? I see no traffic in monitoring…

If you can’t see the traffic from someone else, create your own, just ssh from a new teminal :wink:

already did, but it seems that after few commands and starting ps** the server is hang and I can’t press any key inside, or typing… no more messages appear…

try to run it after some time, when the traffic is a bit low

can i get some assistance with root please i’ve been struggling for 6 hours

Rooted. thanks to @illuminatiguy for providing the final nudge needed to get root, was deep into all these rabbit holes

User: Once you’ve found the /w*****/ directory, look at the source code of the page and find what cms is being used. Plenty of exploits, only 1 will work

Root: Like mentioned, use pspy keep it running, open new terminal tab and generate traffic by logging in again, and take a look at the new process that take place

Type your comment> @jimmie4 said:

can i get some assistance with root please i’ve been struggling for 6 hours

What is the first thing we see when we ssh in the server. What process is responsible for that? Monitor the PATH. Google about path priorities! The rest will be smooth as a sbin

@illuminatiguy i understand what i have to do but i just cant get it to work

Type your comment> @jimmie4 said:

@illuminatiguy i understand what i have to do but i just cant get it to work

What have you tried till now? Do you have a directory with write access?

@illuminatiguy i try dropping reverse shell but it either doesn’t work or when netcat pickes it up it freezes

Type your comment> @jimmie4 said:

@illuminatiguy i try dropping reverse shell but it either doesn’t work or when netcat pickes it up it freezes

try metasploit !! ALways works

Got root !!
Thanks to @DaChef for nudge on root !!

Danke @jkr cool box

I am not sure if I am using the right exploit for getting past the /w**p/an. I definitely hit a wall. I need a serious hint.

Could I get a pointer for root please? I’m pretty sure I know what I’m supposed to be looking at but not sure how to exploit…

@jkr that pass seems handpicked