Jarvis

Type your comment> @S7uXN37 said:

What a box. I got really stuck on the initial foothold because I wasn’t ready to redo every step a second time - turns out I already tried the correct thing early on but it somehow didn’t work.
From www-data to root took me 4 reverse shells, so that was interesting.

I personally learned the most from coding it all into a python script to automate getting to user. From there to root you can have a nice shell at least.

I should also pay more attention to the little things in enumeration for privesc, sometimes it’s only one line that makes all the difference even if it’s not even highlighted.

If you need a nudge, feel free to PM me :wink:
Thanks to @saminskip and @CRYPT0HEX for the help on getting in!!

No problem <3

Any help on user? I’ve looked up infoblox rmi and can execute commands through the script but they run as w**-d** instead of p****** as i’m executing the script …I’m missing something simple here?

Can I please get a hint for root. I have enumerated but don’t know what to look for.

i stuck at w*a. at Si.*y i tried to run command as user and inject command in parameter -p
but it still not work
DM me please

Type your comment> @jayjay25 said:

Any help on user? I’ve looked up infoblox rmi and can execute commands through the script but they run as w**-d** instead of p****** as i’m executing the script …I’m missing something simple here?

Try privesc to user p****r with the most used method on Linux. It’ll run any command for you as that user.

Got root :wink: PM me if you need help

Could use assistance with root, I see the s*****.**l but I don’t think I’m running the custom service I made?

finally rooted! thanks a lot @LordImhotep

anyone need a nudge PM me

Finally rooted, really liked that box as it taught me lots about Priv-Esc (not all applicable to that box, but when doing research you stumble across that goldmine of info on Linux PrivEsc).

Generally a straight forward box, well done, thank you @manulqwerty & @Ghostpp7

Also thanks to @Gn0m3h4ck3r for the help!

i have got reverse shell in w**-d*** but can`t move to p**** and read the .p* file…

rooted. pm are welcome.

Finally rooted. Thanks for all the very good hints! Learned something new again.

Tip for root: copy your public key into authorized_hosts and just ssh in. I was unable to modify the system administration stuff from my reverse shell. I ssh’d in properly, and the same exact steps worked perfectly.

This is such an obvious advice but I didn’t think of it. It makes everything so much more comfortable.

Finally rooted. Nice box.

Thanks to @S7uXN37 and @a1mops

nice machine. root was cool :smile:

Rooted!

Nice box :slight_smile:

i am stuck at wa. at Si.y i tried to run command as user and inject command in parameter -p but not working bc the forbidden ch*
any hint?

Just rooted the box but I feel like I did it in an unintended way. If anyone wants to discuss the solution or need some help, PM me!

finally got there and ranked up :slight_smile:

Fun box. Learned a lot. :slight_smile:

stuck in the filtered command, search anything on google but still cant beat “got you”