Writeup

Was stuck for a while, but enjoyed the machine. Good practice for privesc.

Finally rooted, Very easy box If anyone need help feel free to ping me :slight_smile:

Rooted. Don’t be like me and forget ch***, thanks @pkaiser.

finally root, it was staring me in the face for 2 days,

best nudge i got was to research path prioritys

a nudge in the right direction will be appreciated,i love that box but i don’t know where to start except getting the wr****** page and i can’t go any further,
i know i am missing something,a little help will be appreciated please,
A Skiddie is here xD

Type your comment> @baltazzar said:

a nudge in the right direction will be appreciated,i love that box but i don’t know where to start except getting the wr****** page and i can’t go any further,
i know i am missing something,a little help will be appreciated please,
A Skiddie is here xD

study the source code… line by line… see for any “details” and search on “GOOGLE” for relevant exploit!

not a spoiler was removed

Rooted in unconviniant way, but I want to know how you exploited with p***. Please PM me, Thanks.

can someone give me hints to root this machine please?

fresh out of onetwoseven, and I landed here…A number of similarities spotted. great lessons learnt on both. Well done @jkr

ROOTED!!

user has been easy,

root : rabit hole made me waste few hours, when i realized it couldnt be so complicated I rooted in few istants… (sadly being an unaspected way my root flag has been used by 3-4 before I could delete in the tmp folder :frowning: )

PM if you need help!

finally rooted!
Dont know why ppl would put the root.txt in tmp or even copy it at all? reverse shell and cat it… lol!
when you try to run the privesc with the wrong name for some hours also… ■■■■ facepalm never stress it, and look at what you have again when nothing seems to work with an easy rated box!
Thanks for a nice lesson!

Type your comment> @SpaceMoehre said:

did someone crack with john/hashcat? would like to hear about that

I used hashcat as well

Rooted. Interesting box.

rooted. what a box. PM me if you need a nudge.

Looking for a nudge on root. Ran the tool to see what’s happening and generated some interesting traffic. Having a hard time seeing where to head next.

Edit: Rooted… Definitely overlooked that one haha

Hint for root: When root takes something from a location user can control, bad things happen =D

This is an easy-peasy box…Before you’re gonna overlook anything, just remember how much points this box worth!!!..

Got user, now working on root
Wasted way too much time because i misread the script

Tricky box but learned a lot :slight_smile:

User: a certain exploit will do the job, but… be gently :slight_smile:

Root: enumeration + basic permission knowledge