Writeup

Hi guys,

I would like some help, Iā€™m stuck on root.

I have found two dirs where files are created after logging in.

But Iā€™m not sure if this is the right track and what I can do with it. A bit of direction would help me further.

Type your comment> @MarcelBC said:

Hi guys,

I would like some help, Iā€™m stuck on root.

I have found two dirs where files are created after logging in.

But Iā€™m not sure if this is the right track and what I can do with it. A bit of direction would help me further.

trace, what greets you when you login

Edit: Got it. Thanks @bompie.

iā€™m working on user, iā€™m sure iā€™ve taken the right exploit, but i obtain always the same response: the server has closed the connection
iā€™ve tried with different values for TIME but nothing seems to work. only one time i got an
8 digits alphanumeric string but again that error appears.
What iā€™ve missed?

hey bud im on writeup and im trying to change the c*****b.d to make a reverse ROOT shell from its autorun props running in root giving me a root shellā€¦but i cant edit the files am i on the right track?

Type your comment> @securekomodo said:

Just rooted. Took a while and went down 2 rabbit holes but found a way out.

Some tips:
Monitor/snoop processes and perform standard enumerations
Sort by which processes are running as root
What commandlines are they using? When do they occur? Are they called with absolute or relative paths?
What permissions do you have to the paths which you discovered?
How can you manipulate it to do what you want?

This should get you on your way :slight_smile:

^^ Keep saying it over and over again - READ THE DISCUSSION BEFORE attempting to hack the server. If only Iā€™ve found this comment 3 hours ago :slight_smile:

Thank you very much dude! Respect !

PM me if you would need help with either user or root. Even though it is not exactly difficult box, you can easily end up in a rabbit hole, which is annoyingā€¦

Type your comment> @dividebyzer0 said:

Ubj nobhg lbh chg va gur rssbeg naq QB VG LBHEFRYS lbh ynml cvrpr bs fuvg?

Best comment ever :3
I needed a laugh today, thank you.

Just got user.txt
My hint for those who are stuck on the TIME parameter: read carefully the writeup which is not finished. Itā€™s just right in front of you

am i the only one who didnt use time ā– ā– ā– ā–  for user gain?

and could someone give hits for root priv please? could i do it by exploiting c*** ??? thanks

Type your comment> @SkoN said:

am i the only one who didnt use time ā– ā– ā– ā–  for user gain?

I didnā€™t need to play with it either.

removed

Was stuck for a while, but enjoyed the machine. Good practice for privesc.

Finally rooted, Very easy box If anyone need help feel free to ping me :slight_smile:

Rooted. Donā€™t be like me and forget ch***, thanks @pkaiser.

finally root, it was staring me in the face for 2 days,

best nudge i got was to research path prioritys

a nudge in the right direction will be appreciated,i love that box but i donā€™t know where to start except getting the wr****** page and i canā€™t go any further,
i know i am missing something,a little help will be appreciated please,
A Skiddie is here xD

Type your comment> @baltazzar said:

a nudge in the right direction will be appreciated,i love that box but i donā€™t know where to start except getting the wr****** page and i canā€™t go any further,
i know i am missing something,a little help will be appreciated please,
A Skiddie is here xD

study the source codeā€¦ line by lineā€¦ see for any ā€œdetailsā€ and search on ā€œGOOGLEā€ for relevant exploit!

not a spoiler was removed

Rooted in unconviniant way, but I want to know how you exploited with p***. Please PM me, Thanks.