Haystack

Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.

@slimz28 said:

Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.

Same here - feel like I am as far as I can go without some direction please!

@slimz28 said:

Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.

DM I can help a little

@mojorisin said:

@slimz28 said:

Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.

DM I can help a little

Haha as soon as I commented, I tried something and that gave me what I needed to uncover the username/passwd. :slight_smile:

Hey everyone,

I’m looking for help getting root. Found some things that I’m exploring but can’t really narrow a path to a privesc down.

@slimz28 said:

@mojorisin said:

@slimz28 said:

Can I get some help on user? I’ve been using the “rubberband” and I’ve used _search on b*** and q***** but haven’t found anything useful.

DM I can help a little

Haha as soon as I commented, I tried something and that gave me what I needed to uncover the username/passwd. :slight_smile:

Have you got near root yet? If you have, could you give me a nudge? I have user :smile:

I’m on the box trying to priv esc to K. Super stuck here, could someone give me a nudge please? I read something about an LFI, but is this the only way?

Got user… but for root, I am trying to use the L**-vulnerability. When I use it the server only “chews”. No matter if I include a reverse shell or a textfile. Isn’t this the severity we are supposed to use?

Read up on how l******h handles log files.

Phew, finally rooted. Don’t over think the privesc like I did. Look at what you have, consult the documentation to understand what’s going on, google around for some good resources, and then use a debugger to your advantage. PM me if you’re stuck and need a nudge in the right direction. Special thanks to @thegoatreich for the assist.

Just got root, as @nergalwaja says, don’t overthink it. Just connect the dots.
Special thanks to everybody who gave me a nudge in the right direction. Looking to pay it forward, PM me if stuck or in need of hints. :smiley: Good luck.

jeez, i’m getting a raw patch on my head from scratching it so hard. user was…meh. nice puzzle but i prefer more “real world” boxes. i know what i need to do after getting user, it’s just i can’t figure out how. i know what to upload and was looking into a specific CVE but i can’t figure out how to execute it. looking through the documentation (which is pretty bad in my opinion, just my 2 cents) didn’t get me any further, can anyone point me in the right direction on what to read up on? i’m stuck

When trying the K***** exploit, i’m getting a status 400 unrecognised parameter error - can someone nudge me on what I’m doing wrong here?

Ok I’m stupid.

rooted. Learned a lot about l****h, especially gk.
All hints have been already mentioned. If I have to add something about priv esc, don’t forget that \s means SPACE.

Umm, is the s* suid binary that the l******h spits out a rabbit hole?

Yeah being stuck is being desperate :slight_smile:

I have found some B**k details and some q****s… is this a right path… how to use this info…

Rooted. The final step needed patience

Would appreciate some help with steps after user. I have been playing with a L** for K***** but when I check ports open the port shown in /etc/k*****/k*****.yml is not running. When I try what the PoC shows on port 9*** it just errors out. Not sure what I’m missing…

Update: Never mind…

@wish said:

I have found some B**k details and some q****s… is this a right path… how to use this info…

I have the same question as you, any hints? Thanks