Ghoul

@CyberMnemosyne said:

Finished - but only through massive amounts of help from @phase, @badbit and @leonishan.

Too long, too many trolls, too many random guesses and then a final, you only have 30 seconds to complete this last pivot thing.

As interesting as some of the exploits were, they could have been split into different challenges.

This is the movie you skip and wait until it comes out on video.

Your movie analogy is the most accurate description of this box I think I’ve seen. Went to see it (do it), was kinda pissed I spent “money” (time…) on it, and now wishing I’d just waited for it to come out on video (retire) instead…

Oh well 🤷‍♂️

Finally … find the root flag … It’s a very nice machine and at some points it’s irritating me … But overall a good machine!

Need some help with root on Ghoul. I think I have gained the max. foothold and I’m at the last stage of it.

Well, finally rooted.

The foothold for user was by no means a stretch of the imagination.

Root on the other hand… Jesus Christ. I honestly can’t possibly recommend this box to anyone. If you have multiple days to simply set aside and dedicate solely to this box and this box alone, go right ahead and try it. Otherwise, don’t even bother. I managed user on this machine in about 2 hours, and that was almost 2 months ago. I just got root last night after an on-and-off 2 month long battle. Granted, I took multiple breaks from this (because I had to, honestly), but root took so ■■■■ long regardless…

Best of luck to anyone else working on root for this one… It’s a ■■■■■■■■ doozy.

Rooted, we should have a badge after rooting this machine.
I want my badge!!!

THIS BOX GOES ON FOREVER!

Edit: rooted
This box was waaaay too long. I’ve been at it over a week and even with some pretty substantial tips there were times where it just seemed there was no way forward. It’s not hard, it’s just annoying. That said, this box really challenges your ability to think creatively with what is possible when your usual tools are several hops away. The box gets far more interesting the deeper in you get.

That’s a nice compliment! Thanks for trying out the box and yes, we’ll try not to make a path so tedious next time.

Really struggling to get past /us/l*.h at the moment. I’ve enumerated pretty hard and seen a bunch of hints I’ll be damned if I can guess my way in. Did some wordlist building with cewl and let hydra run at it for a while.

I’m currently going back over enumeration and seeing what else I can dig up. Would appreciate a bit of a tip here though - is there anyone I can PM about this?

@smidgey said:

Really struggling to get past /us/l*.h at the moment. I’ve enumerated pretty hard and seen a bunch of hints I’ll be damned if I can guess my way in. Did some wordlist building with cewl and let hydra run at it for a while.

You should see with further options: go to a higher port and do more enumeration. It’s easier than you think. Try what you always try (big hint there). Once you’re there you will see through it.

My journey is not finished yet. It felt awesome getting the user with all the pain that I have been through from the beginning till now. I would say it’s unfortunate that this box is only 40 pts; the road to root seems exhausting. Big thanks to @MinatoTW, you made great work there. I have learned a lot until now, thank you.

Thanks @lfabname, glad you’re enjoying it! And don’t forget egre55, it wasn’t possible without him. :wink:

Please help me with this machine, can’t find the uploaded file path.

@manitorpotterk said:

please help me with this machine can’t find the uploaded file path

Hint for anyone doing this box:
Check the services, find out what their defaults are. On the initial step try to put your own data there. When you get inside, check the settings of all exposed services – all of them were configured more or less.

Rooted; took me 3 weeks of off-again on-again attempts. Thanks to @ChiefAG for all the nudges.

I don’t even have a good hint to post for anyone struggling. Sorry, this box is certainly mind-bending.

It wasn’t that insane. If you enjoy pivoting then it’s fine.
The creds being massively buried in a very weird and non-human way was the maximumly heavy lift here. That erased a day. Or two, or nine.
But yea we should have a badge and it should have been a SICK looking badge.

Good luck people of earth.

pps-
Just googled maximumly. It’s a word.
Deal with it.

Need help finding where my files are uploaded.

Can anyone chuck me a nudge for user please? I have user access as N*** and have a www***** shell, not sure where to go from here.

I have been going at this box for a long time now and I have finally gotten so stuck I don’t know where to go next. I could really use a nudge. I have rooted G*** and gotten the a****-***.7z.

EDIT: I found the interesting stuff in a****-.7z and escalated but now I think I’m one step away and don’t know how to exploit k**_adm.

EDIT 2: nm, rooted.

OK, so I have the user flag. Can someone help me with the root flag? I am not sure how to enumerate the box. I get I have to pivot out of the environment but unsure how to do so. Any help would be appreciated :slight_smile: