Writeup

can somebody help me out with root in jkr

need help

Rooted!
user: Fun exploit that I hadn’t used before. Fairly straightforward, don’t reset the box just because your IP get’s banned, Try Harder than basic scanning tools.
root: The tool everyone is talking about shows you everything you need. It’s actually pretty simple once you enumerate and understand what’s happening with every piece of the command that’s being run. Find the correct directory and understand the errors that you should and shouldn’t be getting.

Still stuck in root! I think I’ve found the process and directory where I can try to exploit but have no idea how to move forward. Can someone help me out on that?

hey can someone please give me a nudge on getting root.txt

edit: is it something to deal with C***

can anyone please PM about T variable

I really enjoyed the ■■■■ out of this box. I think mostly I learned that sometimes enumerating harder means looking more closely at what you already have rather than searching for more.

Anyone could give me hint on T var ? Tried many different options, all of them whe exploit completes show many empty gaps…

please, give me hint on priv esc in *.pl

easy box… took a little while to get user, but root was QUICK. I am not sure why is everyone trying to exploit a service, also read in few comments about pspy (maybe, I rooted in an unintended way). Root is super easy, take a break and enumerate again. DM for hints.

Type your comment> @sodra said:

Still stuck in root! I think I’ve found the process and directory where I can try to exploit but have no idea how to move forward. Can someone help me out on that?

try basic enum again, there has to be something which allows you to read and execute

Wow, this took me way longer than it should have! I had to sleep on it before doing additional enumeration on the root part to figure out what was going on. During previous attempts, I peeked at a peculiar script someone had put in user’s home directory but I did not understand what the contents were doing. I eventually pieced all the clues together and finally wrapped my head around what was going on. You’ll smack yourself for not seeing it the first time!

My tips:
USER: Don’t waste time trying to gain access to something you don’t need access to.
ROOT: Not much more than what’s already mentioned. Use the aforementioned tool and enumerate until you find something exploitable.

Been at this a while now. I fear this box may have me beat. For root, not sure whether to focus on m***.d or *******.pl (or neither). I see references to PATH, but not sure where to go with that. I do see PATH information by using the aforementioned tool, of course, but not sure how to proceed. Any well-placed nudges for a poor soul who is at this stage?

Still working on user. I found /w*****p/ and /a****n. I know what technology its using but not the version, search for the exploit and see a lot. I wonder if im on the right path, if not… some help or a nudge would be greatly appreciated.

Edit - No worries, i got user. Onwards to root, thanks guys for your comments. Any hints or nudges for root are welcome : )

@Sh1v3rSt3w
run* man ruuuun

Root feels nice… Next !!
Pm me if you need help

can any body help me i found that ape server 25 is venerable but find any exploit for it

Type your comment> @sazouki said:

@Sh1v3rSt3w
run* man ruuuun

Okay, I’ll be thinkin’ on this tip. Thanks much. :smile:

can any body drop a hint???

Can anyone tell me what pspy means/stands for? :slight_smile:

Can anyone PM me about root. I found the user flag easily, but having a really hard time with root. Been logging in and watching with py, but I’m not understanding how to escalate privs with ph. I’ve ran enum and privesc checker scripts, but still not understanding what to do. I’m a noob to privesc.