Haystack

Finally rooted. That was harder than I’ve expected from 20 points box.
PM if you need hint :slight_smile:

I got this long command that I think will trigger l****h but it doesn’t seem to work. Do I have to change something in the command or does my cf file need to be named something specific? Help is much appreciated!

Im stuck there too, I guess yes, but no fkn clue what ?

Tips: Don’t overthink and just focus on something in front of you. PM if you need hint :slight_smile:

Finally rooted the box!
This was really tough, everything is right in front of you, you just need to dig deeper.

If you haven’t noticed yet, español es muy imporante para hackear este caja. However, I myself have only a rudimentary knowledge of Spanish and didn’t feel like deciphering every line I see.

In case you too would like to feel comfortable with this box, I suggest the following.

export LANG=en_US.UTF8
(If you don’t speak english, have no fear! On your own terminal, type locale. Now you can see what language you currently have set!)

I, personally, would also recommend
export TERM=xterm-256color
alias ls=‘ls --color=auto’

more information as to how languages work in linux can be found here How to Change or Set System Locales in Linux

The other stuff is to add a more “homey” feel to the shell. I suggest taking a look at this post here.

Hope this helps! Good luck!

User: The answer really is right in front of you. Keep digging! As some have said, if you find a password, the username shouldn’t be too far away.

Root: You really need to do your homework for this one. Learn everything you can about what can be run. If you look at other comments, you can see that privesc is required. Once achieved, see what files and directories are now accessible to you that you didn’t previously have! Read everything you can, learn all that you must, and have fun.

(Hopefully this all isn’t too much information, I just think the language knowledge and resources would be beneficial)

Type your comment> @vmonem said:

I am able to read qu*s and bk from port 9200 but can’t figure username, or the needle. (I also got data from port 80, and translated it).

Any Hints on PM will be appreciated.

I m on the same boat, did you get any further??

Type your comment> @Sav said:

Type your comment> @vmonem said:

I am able to read qu*s and bk from port 9200 but can’t figure username, or the needle. (I also got data from port 80, and translated it).

Any Hints on PM will be appreciated.

I m on the same boat, did you get any further??

You will notice the strange things in there. Just focus and becarefull when reading that.

I’m pretty close to k****a user, but something goes wrong with my js… any hint/help?

Type your comment> @petruknisme said:

Type your comment> @Sav said:

Type your comment> @vmonem said:

I am able to read qu*s and bk from port 9200 but can’t figure username, or the needle. (I also got data from port 80, and translated it).

Any Hints on PM will be appreciated.

I m on the same boat, did you get any further??

You will notice the strange things in there. Just focus and be careful when reading that.

It seems like they have difference…And this difference confuses me…
Or (I’m not sure) I should pass with those somewhere…?

Tough box. The three files and the Ejecutar space are killing me.

Grok is your friend

Hey I am running into an issue with my command for root. I am getting back this error when i run it: NS_HOME environment variable is not set. Can someone help me to fix this issue

Removed

Type your comment> @too55s said:

Tough box. The three files and the Ejecutar space are killing me.

Just follow the G**k and you will be safe.

@Refenn said:
Type your comment> @petruknisme said:

Type your comment> @Sav said:

Type your comment> @vmonem said:

I am able to read qu*s and bk from port 9200 but can’t figure username, or the needle. (I also got data from port 80, and translated it).

Any Hints on PM will be appreciated.

I m on the same boat, did you get any further??

You will notice the strange things in there. Just focus and be careful when reading that.

It seems like they have difference…And this difference confuses me…
Or (I’m not sure) I should pass with those somewhere…?

If you confuse reading that file with editor, try to use json beautifier and then look at the strange things :slight_smile:

need some hints for the haystack.
try many methods. any bits of advice?

Type your comment> @petruknisme said:

If you confuse reading that file with editor, try to use json beautifier and then look at the strange things :slight_smile:

No, I mean I’m confused with pass. The user is ok, but when I try to use some algorithms to pass, it becomes very strange.

Type your comment> @Refenn said:

Type your comment> @petruknisme said:

If you confuse reading that file with editor, try to use json beautifier and then look at the strange things :slight_smile:

No, I mean I’m confused with pass. The user is ok, but when I try to use some algorithms to pass, it becomes very strange.

It’s the same. If you can find the user, the pass is near from that. And if you can reveal the user, i think you can reveal pass too. I hope I’m not spoling this.

Hey everyone,
I found the low port “needle” and found the high port “user”, decrypted both and I am stuck. I am searching the json files b* and q* like a madman but don’t seem to find the last piece of the puzzle. I really need a pointer into the right direction.

sometimes the privesc for k**** user works with reverse shell but sometimes doesn’t work. Is it normal? i’m tired for trying 100 times for one shell. Help pls