Jarvis

I need some advice to escalate from wa to pr. I know how to abuse the exploit to have a reverse shell but with no priv esc… Can anyone PM, please?

Ok so for initial foothold ive enum’d 3 different tools to reveal the creds for /ph**n and i know theyre the right ones, but for some reason its spittin error that it doesnt exist or cant retrieve the page?? wtf am i doing wrong? Ncr and Hyd are running for 24hrs with no end in sight…feelin pretty frustrated

Let me note that i am running an older system AMD PHENOM II, so cred cracks take alot longer than usual but with a flag set to end when 1 is obtained and its been running for a whole day seems highly unusual

The M*****t exploit is the LFI-RCE which i know is the right one because it lines up with ph*******n version

Anyone can help me with the sy******l exploit? Can’t find out the service needed?
Thanks in advance.

Funny, there are so many users pounding on JARVIS that it is almost impossible to not step on each others feet. In my first attempt my enumeration found several exploit helpers left over by others, I got initial foothold and user with ease. I thought that this was all too odd and not fitting any hints given here. Indeed, when I tried later (presumably after several resets) all of that was gone. Nonetheless, I figured it out. So I did this box twice… Interesting challenge, though. Many facepalms. Reminds me what one of my professors in CS theory said when he presented a tricky proof (he was not a native speaker): proof is easy but very difficult…

got user, thanks to @phillarby for keeping me on the right track, now onto root root

im on root, and im trying my hardest to figure out sy*****tl using the enable flag by calling my script keeps spitting “no file or directory found” which is strange cuz im running it in the same directory thats housing it…lol i know im doing something wrong but i cant figure for the life of me what it is…and its so frustrating cuz im sooo close…a gentle poke might help :slight_smile:

I’ve been busy for many hours trying to figure out the foothold. I’ve tried 3 different tools. Checked out the rooms, pictures, LFI and bruteforce p********n. Could someone perhaps nudge me in the right direction, please?

stuck in the same spot, not sure how to proceed. have p********n but cant figure out where to go from here. thanks

still stuck on root sy*l i created the .se file and try to enable with proper flags, but it keeps spittin “Failed to enable” not found, im not too privy and im reading up as much as i can, i hope this doesnt spoil… but if anyone is up to discussing ideas or other tactics please pm me :slight_smile:

Woohoo!! got user and root in one day after banging my head against a brick wall for a couple of weeks. Need to think outside of the box and one database related comment was what through the brick wall. All hints needed to root this box are already in the forums. if you are really stuck then re-read the forum again and again until something clicks. Oh, google is also a great help. Added another couple of sites to my bookmarks.

Okay, I’ve been banging my head against the wall on Root for a few days now. I’ve seen a few posts on needing to get a more stable shell to properly interface with sysl, (s) - which prompts me for a pw. Can anyone point me towards information on how to either 1) reset the user account password without knowing the password to begin with, 2) setup the more stable shell (s) for an account without having to know the current password, or 3) obtain the current password for the user account? Without doing this step, I’m stuck at various sys****l errors trying to get a ser**** to run.

I’m trying to create a service, but when I try to start it from the location where I can write, it throws an error saying no such file found. Badly stuck on the root priv esc part.

Hi guys ! Can someone please give a nudge on getting root . I got the user but dont know how to get root.
Any help pls :slight_smile:

this box is a pain in the fucking ■■■. keep getting banned for trying out different enumeration services. need a nudge / hint bad, close to giving up on this…

Struggling with root. How are you able to edit sy******l ? - Getting error opening terminal: unknown and editor failed with error code 1. Please DM me.

Hi guys can someone pls give me a hint on getting user. I discover the admin panel and tried brute force it. No success. Any hint pls

Any pointers on getting privesc to p****r? Plz PM me…

Yes finally got root ^^ . Getting the user actually took me a lot longer for some reason xD nice box but,learned a lot.

someone reset it for me! lolz apparently i’ve reset the box too much today

Just rooted. Fun box!

Tips - which are already here somewhere:

Foothold: Check all the rooms thoroughly.
User: it’s not always what you’re running, its where you’re running it from.
Root: Enumerate thoroughly for the user and make sure you have a proper shell.

Also, thanks to @FailWhale for the nudge when I needed it!