Jarvis

I submitted a reset for the box but obviously it won’t reset now that I’ve figured out how to get to user LOL - seriously if changing those codes was just to troll those who haven’t got user yet, not cool man >:(

Rooted!
hint for user, what cod you do?
hint for root, can you ping out?
PM for help

■■■■ I lost 2 days looking at the root privesc , nothing worked. One word of advice, always use absolute paths when working with service files.

Type your comment> @BlackNote said:

Why on earth would someone change the codes in s******.*y - seriously why???

fixed with a reset :wink:

Rooted! Jarvis was a pretty fun and straight forward box (now that I’m looking back) like most people said!

User:
There’s some kinky stuff in this special room.
So you’re now trying to get user and you’re stuck, take a step back and look at the big picture for your classic enumeration skills. (This goes for both parts, the simplest of commands should get you there).

Root:
Use your classic enumeration scripts.
If a user can have control over root, bad things can happen.
You can find an article that will be helpful. Take the instructions on there loosely, understand every aspect stated on there.

Got user
Thanks @env
Feel feel to PM for user

hint for user olease

I could use a nudge on root if anyone is available. I’m fairly green on privesc techniques, I have some ideas, but I’m not sure if I’m anywhere near the right path or how to execute on those ideas.

I"m stuck on initial foothold. I’m thinking I"m looking in the right place but I can’t figure out what to do. Can anyone pm me please?

Great box - thanks for the easter egg at the end.

Hint:
User: As our friend said “check all hotel rooms”
Root: 4755

I’ma goose

I’m stuck into user explotation any hint for LFI or how gather creds to /ph*******in/? PM please

Hi, I am inside the p********n page. I am not sure how to proceed from there. Can you please give me a way ahead?

Edit: Got it. Thanks anyway

Rooted! Special thanks to @elgastiom for giving me the last hint to get root!

If someone needs help just PM me.

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Type your comment> @keithschm said:

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.

Type your comment> @hoodedfigure said:

Type your comment> @keithschm said:

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.

Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.

Type your comment> @Revolution said:

Type your comment> @hoodedfigure said:

Type your comment> @keithschm said:

Type your comment> @aasiakhan said:

I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?

me toooooooo… Could someone have changed permissions?

Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.

Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.

Previously mentioned by @Zot

Google: Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation