onetwoseven

That one was not easy at all.
After a few days finally rooted!
Thanks, @jkr !!!

PM me if you need help

the easiest root i have done;
kidding that was a ā– ā– ā– ā– 

I think I understand whatā€™s going on for upload, but I canā€™t seem to get it to work. Can I run this by someone via PM please?

Very cool boxā€¦not an easy one, but entertaining all the way to getting that root.txt

Got root. PM if you need a hint :slight_smile:

Type your comment> @thepioneer said:

@gaius, @wabafet i think all users work :slight_smile: you have to use the right Optio-N for s**

??

Got root, but was wondering if someone would clarify something for me about the a-g process. The target has two potentials in s******.l*** and is happy to get the initial file from either but will only ever pull the others from a specific one. Why is that?

Can anyone send me hints in pm about escalation to root?

nice :slight_smile: finicky box :blush:

guys, stop resetting the box so often

Anyone got a hint about avoiding the ā€œis no longer signedā€ message in at-gt?

EDIT - GOT IT! PHEW!

That was tough.

Can someone please reset the box.

Got root! This box was very satisfying from beginning to end. It was especially interesting when I got to play around with a linux repo, I was always curious about how they worked.

Feel free to PM and Iā€™ll offer whatever help I can.

I found a vim swap file, and in it it there is some php that mentions the admin interface, on port 60080, and there is also the admin password that I cracked. But there is nothing listening on port 60080. Iā€™m not really sure where to go from here can someone help?

rooted!! I really love this box, itā€™s long but i really prefer these ones, many steps but perfectly concatenated, in every single one of them thereā€™s something that lead you to the next one, no guesswork but hardwork (specially the last one) and others teach me to be patient and do a thorough analysis before discard anything, because as i said, everything you need is there, hidden in plain sight.

I liked specially the upload part, take me some time to find what i had to do but very satisfying when I finally realized it. Very smart, congrats to creator.

Last step for root itā€™s a really good one, implies some job and some research (at least for me) because i hadnā€™t deal before with something like that and when i thought i had found the way, none of the examples i found were exactly the same context but them definitely put me on the right path and after some work, got it!

Feel free to ask me by pm if you need some hints.

That was a lot of fun, great box @jkr !

Getting root, I learned a lot about packages and how they get secured. And that just seeing what a tool requests and putting files in the location is easier than following an article where the files should be initially.

And looking forward to ippsec video where it all will look very simple

Very fun box! :slight_smile: rooted

Is it just me or is connectivity to this box super flaky? Canā€™t even run dirb/etc

Type your comment> @gorpig said:

Is it just me or is connectivity to this box super flaky? Canā€™t even run dirb/etc

You sure youā€™re not getting caught by brute force prevention? e.g. Donkey?