Writeup

Root. :slight_smile:
hint along with the others: permissions are important.

PM if you have any questions

Type your comment> @GoatPrime said:

Root. :slight_smile:
hint along with the others: permissions are important.

PM if you have any questions

Mad props to GoatPrime for hints not give a ways! Rooted this box, extremely awesome priv esc! totally OSCP like and a huge huge heap of knowledge.

root@writeup:/# 

Nice box cheers! @jkr .

need help with root. can see what is happening upon log on. unsure of how to use this for priv sec. cannot seem to edit any files that are ran?

I’m stuck on USER, this is all new to me ya see, I think i’m running the right script. It has a certain T variable. I don’t know what to put there.

This is only my second box without tutorials so i’m struggling a bit, each one brings new concepts. DO i need to go to a certain /w*******/a**** directory with the -u flag or will IP suffice? When run it seems to hang, nothing happens on the screen but looks like the script executes.

Any help would be appreciated, a PM would be lovely, I don’t know if i’m using the right command and flags/variables in the script. TY

rooted, really nice box. user was harder than root tbh

I got the user and the hash, where does the hash been saved?

So this is my very first box, and while user was not a great problem, root is giving me a headache.
I’m monitoring the processes on the box, and am seeing what the box is periodical doing when there is traffic. I have enumerated and found a directory that isn’t readable, but writeable. But somehow I can’t chain together how to exploit this to my advantages. Obviously the solution is staring right into my face, but I’m not seeing it. Can someone point me in the right direction? Would be really appreciated!

EDIT: Nevermind, figured it out. Was right in front of me, all the time. Root!

Finally rooted! :slight_smile: This is my 2nd root and 3rd machine and having an awesome time, thank you for the hints along the way!

Can someone give me some help which cms exploit I need to use?

Type your comment> @lambord9 said:

Can someone give me some help which cms exploit I need to use?

You’ll need to find out which version is running. With a bit of research, you might be able to find a listing of when some files were installed. It would make sense for someone to install the most recent release that you can find before that date :wink:

rooted, thanks to everyone :slight_smile:

Can I get a nudge for root please? I’m stuck. I have seen where the path is leading
, is it a file upload i need to do? reverse shell or just breakout? I need a couple of nudges if possible. TY

Could anyone give me some hints? I am totally stuck.

anyone have a hint for the root? can’t get it to execute my code somehow

One of the better boxes I have attempted at!
User was pretty easy for me.

Took quite some time to get root however!
I really over complicated it for my self, and didn’t look at the right part of a certain process running.

Feel free to PM for nudges.

Let’s go! Awesome privesc section thank you for the box.

help!!! root : what process should I pay attention to?

Stuck on user. Can anyone help me with the format of the T*** variable in the exploit?

Think i’m on the right track but I’ve been stuck in the same spot for a little bit now, could use a nudge