Writeup

@1uffyD9 said:

@acidbat said:

 @1uffyD9 said:
 > @acidbat said:
 > > Hi everyone,
 > > I’m very stuck on user...
 > > 
 > > Been reading the posts here and trying to figure out the hints...
 > > 
 > > I found the authentication page in /wr**u/a***n
 > > And thought, ok this I could logon to using metasploit (as in locating the creds)
 > > But no success (I used the common wordlists with kali)
 > > 
 > > I also found the exploit for the certain app being used for the site (well it looks like the exploit that everyone is referring to) but looking at the code it seems I need to get some more info from the site to add to the code.
 > > That info I think is part of getting access to the site mentioned at the start of my comment.
 > > 
 > > So any hint/nudge for me to get user?
 > > Am I on the right track?
 > 
 > Did you run the script without any arguments?? What does it say??

 Was actually the wrong exploit.
 Think I got the correct one now, and now I get the TIMED hints. ?

 Back to trial and error :)

You’ll get that… :smiley: :smiley: um sure… keep trying … heheee :smiley:

Sigh, banging my head on the TIMED…
Doesn’t matter what I enter it goes speedy fast and server will close connection.

Trying to understand the hints, looking at source page, inspecting but I must be very blind…

Any nudge(s) x2-3?

Thanks to a post from @BashShabakate0 I finally saw the thing I’d been pspy’ing for. I really enjoyed this box, especially for the Linux priv esc practice.

Root was easy but nice

Very nice box and really interesting exploit :slight_smile:

@thegingerninja said:

> Thanks to a post from @BashShabakate0 I finally saw the thing I’d been pspy’ing for. I really enjoyed this box, especially for the Linux priv esc practice.

welcome :slight_smile:

Can someone pls give me a nudge on how to get root. Got p*** running and see a potential thingy but don’t know how to advance…
Help would be appreciated!

@Center said:

> Can someone pls give me a nudge on how to get root. Got p*** running and see a potential thingy but don’t know how to advance…
> Help would be appreciated!

you should hijack some script
maybe run p*** and re-login from another tab will be a good idea
and watching of course

Managed to get root flag, would however like to get a root shell but not sure how, tried several ideas but all failed. Any ideas?

Rooted finally, nice machine and interesting exploits both user and root.
Thanks to @BashShabakate0 for driving me in the correct way to get user access.

Stuck on user still, not sure if I'm going down a rabbit hole. Found w******/an, tried using Burp, idk if ap_get_bic_a**_pw() is supposed to be used, or even how to use it. Anyone able to help?

Stuck on root forever. Guess I’m thinking about it way too hard

@Rexzyy said:

> Stuck on root forever. Guess I’m thinking about it way too hard

Since everyone knows you have to use pspy64 here, I’d suggest looking only at root processes… You can simply save them to a file, grep UID=0 and leave only unique ones. Then just carefully examine each one of them over and over.

Stuck on root. I already ran p**y and I think I know what to do but it’s not working. Could someone pm me a nudge? Thanks!

Edit: Rooted. Not as easy as everyone says, just keep looking into what is writeable.

Finally rooted. Thanks @marine for the hint. Feel free to PM for hints!

I have the CMS name, just don't know how to proceed from there. Tried 2 exploits on the CMS and nothing happened.

@AjackX said:

> Stuck on root. I already ran p**y and I think I know what to do but it’s not working. Could someone pm me a nudge? Thanks!

Same here, someone please help.

Hi all, I appreciate there is an abundance of tips here, however I'm trying to get the creds for /w******/a****. I ran the s*** exploit and recovered a hash which I've been trying to crack for days, but it looks like I ran the exploit wrong, hence why I can't use the creds in any other services. I’ve now tried running the exploit correctly (after making a necessary change I missed before, tick tock), however the packets are being rejected now by the web server.

Does anyone have any tips or is in the same boat as me? I would very much appreciate a non-spoilery tip.

Thanks!

I just ran the LinEnum script and I couldn't find anything out of order. Any hints?

The second day I try to get root. Give me a hint on PM plz.

There is a ton of data over there and I don't know what I should be looking at.