Node

hmm found an interesting folder running a process, but not sure how to use it

So I can get the root.txt, but I can’t manage to get a root shell out of it. Any tiny little push on that?

Been banging my head against this for a couple of days now. Got the initial foothold. Got access to another user (Got user.txt). Priv Esc has me stumped. Can someone confirm it has something to do with a certain file that takes a crazy string as one of its arguments?

yep> @whipped said:

Been banging my head against this for a couple of days now. Got the initial foothold. Got access to another user (Got user.txt). Priv Esc has me stumped. Can someone confirm it has something to do with a certain file that takes a crazy string as one of its arguments?

yep, analyze it

any suggestion in how to move from one use to another in this particular box? already got one but is not the one with user.txt.

nevermind I think I found it around the tasks :slight_smile:

Hi guys, i’m stuck with privesc. I’ve been trolled by ****** file when i tried to read the root flag. Can anybody give me a nudge, pls? thank you :slight_smile:

Hi, I’m trying to download the b*** file but it always hangs in the middle, is this part of the challenge?

@3mrgnc3 said:
fcra [TAB]
:wink:

Yep… but I still cannot find pwd
:slight_smile:

@xabaras said:

@3mrgnc3 said:
fcra [TAB]
:wink:

Yep… but I still cannot find pwd
:slight_smile:

FOUNDEDIT!

I’m going crazy with the backup-file. I found an similiar file on one of the challenges but I just don’t get it.

The backup file is password protected.
Try to crack it.

i have shell as mark and see app.js running as tom …but I can not get shell as tom…Can anybody give me some hint, pls?

So everybody here managed to crack the backup file? John doesn’t work for me :frowning:

@fingeron said:
So everybody here managed to crack the backup file? John doesn’t work for me :frowning:

first figure out what kind of file that is, then it’ll be easier to crack

@RealShell0ck said:

@fingeron said:
So everybody here managed to crack the backup file? John doesn’t work for me :frowning:

first figure out what kind of file that is, then it’ll be easier to crack

i cracked but stuck on what to do next. nothing useful i able to find there. any gentle hint?

If you cracked the back-up file and didn’t find something glaringly obvious on how to get a foot hold you need to look again.

I have a shell as the user that does not have access to the user.txt file… I see the user with access to that file running couple of processes. Any hint on how to switch to that user?

Could anyone give me a hint on the file? I’ve managed to obtain it but can’t work out how to use it. Have followed the suggestions in the thread but doesn’t seem like the file is an encrypted archive like suggested.

Thanks.