Scavenger

I found a user, my way to root
User hint:
Enumerate everything that you found, do not forget about UDP.
User flag hidden very deep
thanks for the tips
This machine has a lot of rabbit holes

finally rooted!!
thanks @ompamo for creating this challenging machine.
thanks @beorn @donkey for giving me some nudges
feel free to PM me for hints

Rooted it was a crazy box with many rabbit holes

need hints for the following steps, I got the s****.**p to work, then too much rabbit holes. and can’t get anything useful

Finally got Root! Anyone willing to share their notes? this one was frustrating and all over the place.

I’ve done the first s**i and now there are so many places to look at that I’m not quite sure where to start (well I’ve started in the sense that I’ve tried to enumerate what I can). I would very much appreciate a small hint on where to focus as I feel that this is going to take forever otherwise. Thanks!

Went through all the enum as far as the s***l> @Tohzzicklao said:

Type your comment> @Greenou said:

Type your comment> @Tohzzicklao said:

@farbs said:
Staring this stupid insect in the eyes right now… I’m in, but need some clarity. Any nudges?

The stupid insect’s eyes hide a valued secret at plain sight (you could think it’s from someone else). And it’s willing to share it with you without knowing who you are.

I hope this is not spoiler lol.

Stucked here too atm, I am in the guts of the insect but because its a ‘young’ insect, found no public weaknesses.
Appart from a few internal paths, did not find anything interesting :frowning:

Maybe you’ll need to try bigger dicts to find it. No need to get into the guts of the insect. And read carefully my words between brackets xD

I went through all of that, been using what I found there and even got some creds, used it to dump some more data… but I’m really lost now, any hint ?

is pw***s a rabbit hole? i got admin creds, but is toooooo slow. help pls :frowning:

Agh, anyone knows why that page goes so slowly, is it a rabbit hole? Should I look another place?

@scentlxss said:
Agh, anyone knows why that page goes so slowly, is it a rabbit hole? Should I look another place?

???

if there is anyone willing to DM to discuss what I think the approach to user is? I have the “hidden” sites and RCE

Rooted. God, this box was full of rabbit holes. Went down them ALL. Did anyone get a proper TTY shell by the way?

Hint for root: don’t be dumb. find that “something” and… dump.

Spoiler Removed

Made it inside the insect… found s*l.p but returned nothing… is this the right path?

I have RCE as user i*3. My understanding is that I have to move laterally to other users before I can get the user flag. I have enumerated the system as far as I could (find, grep, the usual stuff on the usual configuration and Web application files). However, though I found credentials for another service, it seems I can’t make progress. Could anyone give me directions on where to look further?

Type your comment> @davidlightman said:

I have RCE as user i*3. My understanding is that I have to move laterally to other users before I can get the user flag. I have enumerated the system as far as I could (find, grep, the usual stuff on the usual configuration and Web application files). However, though I found credentials for another service, it seems I can’t make progress. Could anyone give me directions on where to look further?

hint: incident logs.

Got user and a tty, I’m at the final step. I think I’m in a rabbit hole for root though - can’t seem to escalate. Got the string, I know where to put it, but somehow it doesn’t work. Can any one confirm if the -oo-.- file from the -.p–p file is the correct path? :smiley: Thanks!

Type your comment> @tress said:

Got user and a tty, I’m at the final step. I think I’m in a rabbit hole for root though - can’t seem to escalate. Got the string, I know where to put it, but somehow it doesn’t work. Can any one confirm if the -oo-.- file from the -.p–p file is the correct path? :smiley: Thanks!

Keep going. you’re almost there.

Hi all, I am having trouble viewing pages, I’ve not done anything with vhost before. I have added the IP and domain to my h— file but get the error page. I have dug up some more domains but get the same error page. can someone please send me a message with a little help on the foothold?

Type your comment> @tress said:

Got user and a tty, I’m at the final step. I think I’m in a rabbit hole for root though - can’t seem to escalate. Got the string, I know where to put it, but somehow it doesn’t work. Can any one confirm if the -oo-.- file from the -.p–p file is the correct path? :smiley: Thanks!

I’m in the same spot and it’s driving me crazy!