Rooted. Took longer than expected with work days lasting so long recently. Only worked on the box ~20-30 minutes at a time. Still, smooth and simple and I’m thankful for a break from some of these head banging machines.
Props to @manulqwerty and @Ghostpp7 for rolling out a box that can teach a lot for people just getting into this stuff, while also keeping it concise enough that you don’t tread too far away from the final objective. Kudos.
There are some really great hints already here in the forum too. If you find yourself really struggling after too much “try harder-[ing]”, then feel free to reach out if you need help, as well.
I’m such a newbie in solving machines. Can you tell me any retired machines that are lowkey similar to Jarvis, so I can watch Ippsec videos and learn from them
what’s so cool about s***y. if you run commands you’re still wa so why is that useful.
On *nix systems, there are a couple different ways where when you run a program it actually executes as another user. Programs with those permissions by their very nature are often among the most interest targets when attempting to privesc.
Good box. Lot’s of steps for an “easy” box but very straightforward.
Foothold: aim well when taking a dump
User: There’s probably a few ways to do this. But my hint is remember to play with POSIX only. The command doesn’t use bash
Root: enumerate for a weird misconfiguration
I’m completely stucked on privesc, i think i’ve found the point with s*******l but not sure about how can i use it… if someone could help me with a link to some resources that could help me to privesc…
I’m completely stucked on privesc, i think i’ve found the point with s*******l but not sure about how can i use it… if someone could help me with a link to some resources that could help me to privesc…
I submitted a reset for the box but obviously it won’t reset now that I’ve figured out how to get to user LOL - seriously if changing those codes was just to troll those who haven’t got user yet, not cool man >:(