Jarvis

Rather new, could really do with a nice hint towards the initial foothold, I’m looking at the right page I think, but when I attempt to check a certain file through the URL I get nothing.
Edit: My extended dirbuster found something!

Hey guys,
I got pn creds by using sp , I found a LFI on p****n page also but I couldn’t get a shell. I usually get ssh rsa key to get a ssh shell but seems like that doesnt work on this box .

Rooted
It’s was a good box, thank you

Yeah, no. I’m stuck, could use some tips!

I am really stuck trying to get user. If anyone could PM me some help, I’d appreciate it.

Heya,

I seem to be stuck where a lot of people are trying to get user. Trying to get that one script working in my favor. Read through all the discussion but still can’t get it. Any help is appreciated.

Edit: After fiddling around a bit I managed to get a shell for user, hurray. On to root.

Edit2: Looking for assistance with S********tl. Looking around at some resources to see how I can leverage it to get root.

Edit3: Rooted with some assistance. Thanks to everyone who left a hint in this thread.

Coming back to this box after a few days, and wouldn’t mind a nudge on root. I am in as w**-d****. have found s*******l.

I think having a shell as w**-d*** is causing issues. I can’t seem to leverage s******.p* to get to the “other” user.

Am I in a rabbit hole?

Thanks

OK so I got user, looked around for something to exploit found s*******l and a script I could use to possibly escalate and face-planted my laptop through lack of sleep (thanks HTB, good learning curve) am I on the correct route to root, confirmation required if anyone has it, cheers :slight_smile:

stuck at the beginning…
i’ve found creds using sq***p but i don’t understand where to put them…

Type your comment> @cptUP said:

stuck at the beginning…
i’ve found creds using sq***p but i don’t understand where to put them…

try diggin deeper in this tool’s functionalities :wink:

@mojorisin said:
OK so I got user, looked around for something to exploit found s*******l and a script I could use to possibly escalate and face-planted my laptop through lack of sleep (thanks HTB, good learning curve) am I on the correct route to root, confirmation required if anyone has it, cheers :slight_smile:

yes :wink: im stuck there also

rooted. thanks @krypt0s for the hints.

Rooted wow what learning curve, cheers to all that nudged you know who you are ?

Jarvis ? Rooted :wink:

Rooted. I think one wouldn’t be able to do that easily if not familiar with Linux things in general. Anyway, interesting machine, thanks a lot!

Could use some help on root. I know the service I am attempting to exploit, but my syntax is f*cked. Been to GTFObins and a few other sites to attempt a troubleshoot.

If someone wouldn’t mind messaging me to have a look at my syntax I would appreciate it.

Thanks

Rooted! PM if you need help

Quite a fun machine. Learned some things, specifically when getting user. Root was pretty straightforward, so much so that I actually didn’t look at the obvious things to look at.

Finally rooted Thanks to @six2dez for correct direction.

Finally rooted this box!

USER: Enumerate every page and every room! Just like in Swagshop, LEARN the tools you’re trying to exploit.
ROOT: Use some tools and enumerate. Google is your friend. Fairly straightforward.

Feel free to PM me for any hints or nudges. I’m happy to help!