I am on the last step to root. I found out what to do but cant trigger the event . Any hints?
Edit : Got shell but dont know if someone else triggered it
I'm with @humurabbi ... got root but not sure if I triggered it the right way or if someone else did. I tried to redo the steps and follow the process with pspy64 but the machine is a bit unstable with everyone running the exploits on it on eu-free . I think I did it right but would love a confirmation if someone just wants to drop me a PM and tell me what is the last command they used to trigger I would really appreciate...
Hmm. Still struggling with root. I think that I already created what is needed to get shell, but it's not being executed. Any help will be appreciated.
I have user and have gotten myself my initial foothold as s*******. For root I have tried enumerating the system and have found K***** but am having trouble finding the next step. If someone could PM me I'd be very appreciative! I will edit this post if I solve it, so if I've not edited it then I am still stuck.
Hi guys... can i have a helping hand here? I have managed to find what's on port 80 and have found the 4 indices on ES but not too sure where you guys have found the username needed?
@hxmo make sure you enumerate the box. From there you will find the next step.
yeah im sure ive enumerated all, the encoded message was actually the last thing i found after enuming everything possible - will need to go back to the box and see what i can think of that message meaning
Does anyone else have an issue with reconnecting the shell as k*****? If I try to get a more interactive shell or close it by mistake, rerunning my LFI doesn't reestablish the connection.
EDIT: resetting the box helps, but not ideal
changing the name over your s****.j* allows the connection to reconnect.
Comments
Type your comment> @ismailyavuz said:
Found! I think I re-read the entire dump like 3-4 times until I finally found it
Need HINTS pls DM me!
Just got user, wow that was interesting. Looking back I enjoyed it! Frustrating at times, but that's the area we work it.
Onto root.
I am on the last step to root. I found out what to do but cant trigger the event . Any hints?
Edit : Got shell but dont know if someone else triggered it
OSCP
I have some doubts on this? Can i pm some1 who has already got root?
any nugde for root ? I enumerate i think most of yml and process but no luck so for..
I'm with @humurabbi ... got root but not sure if I triggered it the right way or if someone else did. I tried to redo the steps and follow the process with pspy64 but the machine is a bit unstable with everyone running the exploits on it on eu-free . I think I did it right but would love a confirmation if someone just wants to drop me a PM and tell me what is the last command they used to trigger I would really appreciate...
How to stop getting the broadcast?
Any hints for root?
While privesc, is it possible to switch to the user k***** without causing a denial of service?
stuck on the root, anyone with nice hints DM me please
OSCP
need help with root DM ME pls
Can someone PM me, trying to get LFI to work. Want to make sure I'm on the right path.
Can someone pm me for root.I think i'm on last step k****a l**s***h
Hmm. Still struggling with root. I think that I already created what is needed to get shell, but it's not being executed. Any help will be appreciated.
PP
hello guys, how do we get into the machine ? i see ssh open, do we bruteforce it ? THANKS!
I have user and have gotten myself my initial foothold as s*******. For root I have tried enumerating the system and have found K***** but am having trouble finding the next step. If someone could PM me I'd be very appreciative! I will edit this post if I solve it, so if I've not edited it then I am still stuck.
do you guys bf ftp ? thanks!
Spoiler Removed
Hi guys... can i have a helping hand here? I have managed to find what's on port 80 and have found the 4 indices on ES but not too sure where you guys have found the username needed?
anyone with hint for the root?
OSCP
Any hints on whats next after decoding the base64 and finding the message ?
Type your comment> @hxmo said:
log in and kill the user 😁
OSCP
Type your comment> @el3ctr0 said:
@hxmo make sure you enumerate the box. From there you will find the next step.
Type your comment> @zac777 said:
yeah im sure ive enumerated all, the encoded message was actually the last thing i found after enuming everything possible - will need to go back to the box and see what i can think of that message meaning
Does anyone else have an issue with reconnecting the shell as k*****? If I try to get a more interactive shell or close it by mistake, rerunning my LFI doesn't reestablish the connection.
EDIT: resetting the box helps, but not ideal
changing the name over your s****.j* allows the connection to reconnect.
can anyone help me for user?
What a box! Getting root shell was the best part and yes, Trying Harder works!!
Rooted.
For user: read docs and play with the query
For root: you need to become banana first