I"m stuck on initial foothold. I’m thinking I"m looking in the right place but I can’t figure out what to do. Can anyone pm me please?
Great box - thanks for the easter egg at the end.
Hint:
User: As our friend said “check all hotel rooms”
Root: 4755
I’ma goose
I’m stuck into user explotation any hint for LFI or how gather creds to /ph*******in/? PM please
Hi, I am inside the p********n page. I am not sure how to proceed from there. Can you please give me a way ahead?
Edit: Got it. Thanks anyway
Rooted! Special thanks to @elgastiom for giving me the last hint to get root!
If someone needs help just PM me.
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
Type your comment> @aasiakhan said:
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
me toooooooo… Could someone have changed permissions?
Type your comment> @keithschm said:
Type your comment> @aasiakhan said:
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
me toooooooo… Could someone have changed permissions?
Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.
Type your comment> @hoodedfigure said:
Type your comment> @keithschm said:
Type your comment> @aasiakhan said:
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
me toooooooo… Could someone have changed permissions?
Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.
Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.
Type your comment> @Revolution said:
Type your comment> @hoodedfigure said:
Type your comment> @keithschm said:
Type your comment> @aasiakhan said:
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
me toooooooo… Could someone have changed permissions?
Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.
Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.
Previously mentioned by @Zot
Google: Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation
read that, but permissions are restrictive…
can’t run that with out putting something else in front of it.
Rooted! Wonderful.
Finally i do it with few hints from this thread. I can get full shell from user with hint posted here. But root flag i get in stupidest way ever!
Just pm me if you wanna help
Type your comment> @hoodedfigure said:
Type your comment> @Revolution said:
Type your comment> @hoodedfigure said:
Type your comment> @keithschm said:
Type your comment> @aasiakhan said:
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
me toooooooo… Could someone have changed permissions?
Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.
Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.
Previously mentioned by @Zot
Google: Infoblox NetMRI 7.1.4 Shell Escape / Privilege Escalation
Seriously, I don’t know if I am stupid or something, but I cannot understand. The encapsulation technique is something that I found out by myself, without the need of this link, but other than that I can really do not understand how I am suppose to use this since there is not infoblox on the system.
i need hint in PM me
Type your comment> @Revolution said:
Type your comment> @hoodedfigure said:
Type your comment> @keithschm said:
Type your comment> @aasiakhan said:
I am stuck on s********y. Can anyone help me out with some reading material or how to approach it?
me toooooooo… Could someone have changed permissions?
Just cracked user, take a look a the s********y and see what it’s doing. Find a way to use that to your advantage.
Been there, but after finding a way to leverage the script for my own benefit, I get the same permissions (obviously). SUID/GUID files do not help either.
It’s hard to tell exactly what you’re doing given your comments, but if a program is exploitable and you run it as yourself and exploit it, you obviously won’t have accomplished much. OTOH, if you can find a suid program or find some other way to run a program which is exploitable as a user other than yourself, then you’d be onto something.
I’m getting the ban message even after a reset if it’s my first request on the box. Is this expected behavior?
Type your comment> @Conda said:
I’m getting the ban message even after a reset if it’s my first request on the box. Is this expected behavior?
You’re making one single request? Using something like curl?