Aragog

So you got user.txt by LFI so what else can you see?

And think what are your possibles ways to login into the box

I started back on this again today thinking yeah I will win!!! Wellā€¦ I still cannot get root lol. I can see a dir belonging to another user, and I have found a dodgy hash that gave me nothing. Iā€™ve been looking at the wiki and it looks like something maybe automated?

JEEZ thought I was ok with this stuff, but every so often just get so very stuck. not understanding this one. I have found 2 files by different methods and if I use burp I can get some functionality (changing values displays correct results). I have tried cmd injection on this and everything I have tried fails. right track? or barking mad? plus, havenā€™t got any LFI to work, any help there would be great to, please PM me clues, not answers.

Iā€™ve found something that appears every few minutes and some files that move every 5 minutes. I cannot see where it is called from.

more hints at priv. esc? :scream:

I got a number of shells - different users, ran LinEnum etc. Found a lot of things - but after 5 days I still havenā€™t got root. ā€¦ this one is hard

@Raphaeangelo said:
Any hints on root? Iā€™ve been stuck for a few days now.

Did you have any luck with priv esc? Canā€™t seem to find anything standing out. :confused:

@owg said:
I got a number of shells - different users, ran LinEnum etc. Found a lot of things - but after 5 days I still havenā€™t got root. ā€¦ this one is hard

@DarkNight7 said:

@Raphaeangelo said:
Any hints on root? Iā€™ve been stuck for a few days now.

Did you have any luck with priv esc? Canā€™t seem to find anything standing out. :confused:

@davad said:
more hints at priv. esc? :scream:

@monkeychild said:
Iā€™ve found something that appears every few minutes and some files that move every 5 minutes. I cannot see where it is called from.

see if the site is hosting anything :wink:

Weird? The password I used to get onto said site doesnā€™t work lol

May anyone pm me about a hint? I think I have found the correct file from the system, but I always get a timeout. I was able to retrieve the public variant of that file

really could do with some pointers on priv esc. run the usual checkers and have compiled and tried them with no luck. I see thereā€™s a job that runs every so often but donā€™t have permissions to edit that. please PM me with any clues you might have.

ok must add. I do not normally port stuff nor do I usually respond to PMā€™s. saying that as sometimes itā€™s not obvious if people have spent enough time on something. but I have with this one, saying that one exploit linuxprivchecker suggested which havenā€™t tried (next on todo list). but this one is weird. help me obewan youā€™re my only hope!

post even!!

Look harder!! I havenā€™t rooted it yet, but I think I am on the right path (at last).

ok looked harder. need some help, anyone? PM me please!!

I see a weird job running. cannot say as to not spoil. but runs /usr/sbin/XXXX and in CAPS! file does not exist how is that possible?

with -f, then the other jobs which I cannot edit

I have been at this box for days :smiley:

THIS BOX IS MINE!!! At long last :tired_face: Wow! That was a journey lol