Valentine

I think i figured out what has to be done with the rsa key thanks everyone

suggestion → use the python exploit and use grep to filter the junk out :wink: may need to run it a few times before you get the goods

i got root.

there is a real problem with this box to grab the correct dump, I spend a night sending hundreds of times the msf related exploit , grep and so on , then use python exploit that gave me poor dump results, I finally decide to upgrade to VIP account and after 5 minutes I finally get the good dump !
I don’t know if it’s the attended way but it gives a good call to VIP membership !

Spoiler Removed - Arrexel

Alright, I am stuck on this one. I have enum and found the information i needed (I think). Used both python and msf, and got info decoded from there. Just not sure how it all goes together. Am I missing something? Can some one point me to sites i can read? Just need a nudge in the right direction.

I’ve seen a couple of people having issues with this one. Various tool scans seemed to be reeeeeeally mess it up. Just keep hitting the box with the well known exploit (maybe try times with lower users) and you’ll get what you’re looking for.

Got user! thanks… off to root

Yeah if you’re not seeing a certain encoded string in the raw output of the exploit, just keep running that same exploit until you get it. I was pulling my hair for hours thinking I was doing something wrong.

@dsplice said:

@jkm said:
Got passphrase but no clue on username. can someone help

Same here. Just stuck looking for that username

username if in front of you just think a little not to much :wink:

@multi said:
Any idea on how to get through the encoding and decoding process ??

you really dont need to use those encode and decode files if you have the encoded file then what kind of encode it is and then try decoding PM if need help Telegram @m4rkm3n

Spoiler removed - Arrexel

PM me i anyone is stuck

@Brt32 said:
I got the public key and key identifier . After what ?

The key is encrypted so what do you need to do with it before you can use it? Also, think of what you can use it for.

I’m trying to get priv esc using the dirty method but when I try to SSH using the elevated account credentials, I keep getting permission denied. Am I missing something?

Patience…

Can’t find the username for ssh :frowning:

Nevermind just found it :smiley:

Did you guys have to format the key before using? Or did you use it in the format as it was found? I formatted it once by removing whitespaces and new lines and it successfully worked, but unable to reproduce the formatting. The key is not working if I use it in the format it was found.

@swatcat91 sounds like you have a plan

So i got passed user flag, but see no way to root… I love learning, but have no idea were to look on this one. I have enum, ran a few exploits that just crashed, and some that just didn’t work. I think i have sudo power but no pass for the user. if someone can point me in the right direction I’m sure i can find the answer.