Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.
Type your comment> @slimz28 said:
Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.
Same here - feel like I am as far as I can go without some direction please!
Type your comment> @slimz28 said:
Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.
DM I can help a little
Type your comment> @mojorisin said:
Type your comment> @slimz28 said:
Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.
DM I can help a little
Haha as soon as I commented, I tried something and that gave me what I needed to uncover the username/passwd.
Hey everyone,
I’m looking for help getting root. Found somethings that I’m exploring but can’t really narrow a path to a privesc down.
Type your comment> @slimz28 said:
Type your comment> @mojorisin said:
Type your comment> @slimz28 said:
Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.
DM I can help a little
Haha as soon as I commented, I tried something and that gave me what I needed to uncover the username/passwd.
Have you got near root yet if you have could you give me a nudge I have user )
I’m on the box trying to priv esc to K. Super stuck here, could someone give me a nudge please? I read something about an LFI, but is this the only way?
Got user… but for root, i am trying to use the L**-vulnerabiility. When I use it the server only “chews”. No mattr if i include a reverse shell or a textfile. Isn’t this the severity we are supposed to use?
Read up on how l******h handles log files.
Phew, finally rooted. Don’t over think the privesc like I did. Look at what you have, consult the documentation to understand what’s going on, google around for some good resources, and then use a debugger to your advantage. PM me if you’re stuck and need a nudge in the right direction. Special thanks to @thegoatreich for the assist.
Just got root, as @nergalwaja says, don’t overthink it. Just connect the dots.
Special thanks to everybody who gave me a nudge in the right direction. Looking to pay it forward, PM me if stuck or in need of hints. Good luck.
jeez, i’m getting a raw patch on my head from scratching it so hard. user was…meh. nice puzzle but i prefer more “real world” boxes. i know what i need to do after getting user, it’s just i can’t figure out how. i know what to upload and was looking into a specific CVE but i can’t figure out how to execute it. looking through the documentation (which is pretty bad in my opinion, just my 2 cents) didn’t get me any further, can anyone point me in the right direction on what to read up on? i’m stuck
When trying the K***** exploit, i’m getting a status 400 unrecognised parameter error - can someone nudge me on what I’m doing wrong here?
Ok I’m stupid.
rooted. Learned a lot about l****h , especially gk.
All hints have been already mentioned. If I have to add something about priv esc, don’t forget that \s means SPACE.
Umm, is the s* suid binary that the l******h spits out a rabbit hole ?
Yeah being stuck is being desperate
I have found some B**k details and some q****s …is this a right path …how to use this info…
Rooted. The final step needed patience
Would appreciate some help with steps after user. I have been playing with a L** for K***** but when I check ports open the port shown in /etc/k*****/k*****.yml is not running. When I try what the PoC shows on port 9*** it just errors out. Not sure what I’m missing…
Update: Nevermind…
Type your comment> @wish said:
I have found some B**k details and some q****s …is this a right path …how to use this info…
i have same question with you,any hints?thanks