Jarvis

Hey! I’m pretty new and getting the hang of all of this. I was able to get to pr and I know that root has to do with s*****l but I have no idea where to go from here. Can someone give me a nudge or PM me an article that I could read to teach myself about this type of thing? Thanks so much in advance, I’d really appreciate it.

USER:
Sometimes, you don’t need google translate because the thing might be lying in the spanish

ROOT:
GTFObins privilege escalation cheat sheet comes in handy

Rooted!
Learned a few things with this box!

Happy to help if needed :slight_smile:

Just got root, learned a lot, especially that you have to go small steps :smiley:

Need help with priv esc
I feel it is something to do with s******** or p***
Tried both, but no luck

Hello, can anyone help me with one thing on the privilege escalation? I managed to do it once and get root but now that I’m doing it again it doesn’t work. Thank you

Never mind, I just found out what the error was! Great machine, kudos to the authors!

Oh)) User was pain in an a*s, downrated for that. The root part was quite good

can someone help me i am stuck in the rooms

Finally rooted, Thanks to everyone in this forum…
I was too stubborn, I didn’t realise my mistake…
NOTE: Don’t overcomplicate things … maybe you are just slicing down your chances

Rooted! Big thanks to @BINtendo and @Pp123 for the nudges. Really appreciated.
Foothold: don’t get too complicated, think basic
User: brush up on your programming knowledge
Root: ton of hints here already, but the one that helps the most is “weird misconfiguration”

Thanks to @xscorp7 for the following:

ROOT:
GTFObins privilege escalation cheat sheet comes in handy

I was having a very frustrating day until this comment. Each step took me ages but in the end I can say I really enjoyed this box. I’m not always the quickest to respond, but PM me if needing hints.

@zepz0p , nope. I got that too. Can be used to get user as well.

Finally rooted, Thanks to everyone in this forum.
Here are already really good tips … read them carefully then you know what to do :slight_smile:

@zepz0p why are you confused? I’m pretty sure that’s what everybody did. What do you see that implies otherwards?

::systemctl /h**/p**/***.service but im still stuck… no success

just rooted this great box :slight_smile:
the initial foothold took me a while, rest was very smooth and straight forward.

rooted fun and good box , i think i learned something :smiley:
the first part, you need to get shell by exploit a web vuln and get the creds , login and get the shell
a lil enumeration would be enough to bypass the filter in s*****.py and get user.txt
the root not so hard just use google and everything will be fine :wink:

pm me if you need more help
Arrexel

Rooted ! What a fun box !

Rooted! Some hints:

  • User. (1) Exploit a classic web vulnerability in order to get some creds. (2) After using those creds, the only thing you need is to google. (3) Once you have a low priv shell, use a python script located somewhere to escalate your privileges (this part is a little bit tricky because of the “forbidden chars”).

  • Root. Use the tipical enumeration script to see the entry point to priv esc. Once you see it, it is quite straightforward how to exploit it, just google a little.

Funny box! PM me if you need a nudge

i need help!!!
i am user p****r, and i have my .se in /t*.

i run:

syl lk $P/.se
sy
**l st ********

and the output:

Failed to link unit: No such file or directory
Failed to start ***.s*****e: Unit **.se not found.
Failed to start transient service unit: The name org.freedesktop.PolicyKit1 was not provided by any .s
e files