onetwoseven

Can somebody please give me a hand using sym**nk to get anything meaningful?

I understand the path to root, but I’m struggling getting any tools to work over tun0, any recommendations on how to proceed?

Could I get a nudge? I have access to the a**** portal, and I’ve found a way to manipulate the H*** in to letting me post a file using the web-form itself, but I cannot seem to get a .p** file on to the server that I can call. I think it’s something wrong with my request but I’m not sure.

That one was not easy at all.
After a few days finally rooted!
Thanks, @jkr !!!

PM me if you need help

the easiest root i have done;
kidding that was a ■■■■

I think I understand what’s going on for upload, but I can’t seem to get it to work. Can I run this by someone via PM please?

Very cool box…not an easy one, but entertaining all the way to getting that root.txt

Got root. PM if you need a hint :slight_smile:

Type your comment> @thepioneer said:

@gaius, @wabafet i think all users work :slight_smile: you have to use the right Optio-N for s**

??

Got root, but was wondering if someone would clarify something for me about the a-g process. The target has two potentials in s******.l*** and is happy to get the initial file from either but will only ever pull the others from a specific one. Why is that?

Can anyone send me hints in pm about escalation to root?

nice :slight_smile: finicky box :blush:

guys, stop resetting the box so often

Anyone got a hint about avoiding the “is no longer signed” message in at-gt?

EDIT - GOT IT! PHEW!

That was tough.

Can someone please reset the box.

Got root! This box was very satisfying from beginning to end. It was especially interesting when I got to play around with a linux repo, I was always curious about how they worked.

Feel free to PM and I’ll offer whatever help I can.

I found a vim swap file, and in it it there is some php that mentions the admin interface, on port 60080, and there is also the admin password that I cracked. But there is nothing listening on port 60080. I’m not really sure where to go from here can someone help?

rooted!! I really love this box, it’s long but i really prefer these ones, many steps but perfectly concatenated, in every single one of them there’s something that lead you to the next one, no guesswork but hardwork (specially the last one) and others teach me to be patient and do a thorough analysis before discard anything, because as i said, everything you need is there, hidden in plain sight.

I liked specially the upload part, take me some time to find what i had to do but very satisfying when I finally realized it. Very smart, congrats to creator.

Last step for root it’s a really good one, implies some job and some research (at least for me) because i hadn’t deal before with something like that and when i thought i had found the way, none of the examples i found were exactly the same context but them definitely put me on the right path and after some work, got it!

Feel free to ask me by pm if you need some hints.

That was a lot of fun, great box @jkr !

Getting root, I learned a lot about packages and how they get secured. And that just seeing what a tool requests and putting files in the location is easier than following an article where the files should be initially.

And looking forward to ippsec video where it all will look very simple