Craft

Rooted! It was a good box for an AWAE student

So much fun!
Hmu for hints.

I enjoyed that. There were several “wtf now” moments and getting the payload to work without any feedback was infuriating.

PM if you need hints.

Well crafted box! Enough clues to lead you around and pays off in the end to read things. Lots of fundamental stuff to learn here for many, but not so tedious to be (overly) frustrating.

Type your comment> @nullorzero said:

I am stuck at user. I have creds, token and one place to use them. Still stuck.
Asking kindly for help.

Same boat. I know where the vuln is, but the obvious exploit doesn’t seem to work.

Type your comment> @extincted said:

Found some creds, and at token. Used the credentials. Need a pointer of what to do. Feels like I am missing something. DM me if you got some spare time :slight_smile:

Same situation here, can someone DM? Thanks in advance.

Hi, I found creds and so token, successfully added elements to the dB via b**w, but I have no clue what to do next to get to the system.
Could someone give me a little hint, like on what should I focus on?
of course I don’t wanna be spoiled, I want to learn by myself :slight_smile:

Can someone please PM me about the syntax for a shell. I’m getting some really weird responses back and can’t seem to connect.

Finally I understand what I have to do and can continue. User hint: EVALuate the code.
Edit: got root shell, looking for user and root hashs. :stuck_out_tongue: (is a jail)
Edit 2: got user, now fight to get root.

i’m root but where is the hash? ahaha

Hi anyone! I have a shl in the dr coner, found db c**s, but no idea how to move forward:( Please, give me a little nudge to the right direction via PM:(

Hi, can you guys let me know if privesc to root is related to vt s**s? I am running mad with privesc :frowning:

Later edit , it is related … used the one liner found in one of the documents , could not make it work with other otp instructions.

Even if box is rooted with no help I did not understand too much about the software stack , f**k documentation.

Type your comment> @killinem said:

Hi anyone! I have a shl in the dr coner, found db c**s, but no idea how to move forward:( Please, give me a little nudge to the right direction via PM:(

Same boat here! Driving me nuts!

Finally rooted! Nice box.
PM for nudges :slight_smile:

removed after reading previous comments and realising it could be a spoiler

hehehe, rooted, was my first day seeing V****. Took me about 2 hours of documentation to finally hit the correct syntax.

User: there are some misguiding stuff in this forum I believe. what is too close to your eyes might not be the way In. and for the code part, you really have to look around, past,present and future.
for jailers, get In, get out, and get back in :slight_smile:

Root: is right there but you have to learn about what and where are the juicy stuff at and what can I do.

& as usual my door is open for help :slight_smile:

Got root. =D
Amazing machine!

Root: Look the all the code with the second user and read the site documentation about v***t this will give you root. =D

finally rooted ! it really was an amazing box, it felt really realist and i learned a lot of things! thanks to @adelmatrash and @felixgmathew for their help

I was able to validate a t***n, however, I’ve yet to find a way to use the **I maliciously. I would really appreciate a nudge via PM.

This was a really fun box, very fun and straightforward once you find what you’re looking for.

Shoot me a message if you need a nudge for root.