this box is a pain in the fucking ■■■. keep getting banned for trying out different enumeration services. need a nudge / hint bad, close to giving up on this…
Struggling with root. How are you able to edit sy******l ? - Getting error opening terminal: unknown and editor failed with error code 1. Please DM me.
Hi guys can someone pls give me a hint on getting user. I discover the admin panel and tried brute force it. No success. Any hint pls
Any pointers on getting privesc to p****r? Plz PM me…
Yes finally got root ^^ . Getting the user actually took me a lot longer for some reason xD nice box but,learned a lot.
someone reset it for me! lolz apparently i’ve reset the box too much today
Just rooted. Fun box!
Tips - which are already here somewhere:
Foothold: Check all the rooms thoroughly.
User: it’s not always what you’re running, its where you’re running it from.
Root: Enumerate thoroughly for the user and make sure you have a proper shell.
Also, thanks to @FailWhale for the nudge when I needed it!
Escalating to P****r was a bit squirrelly, but I always enjoy leveraging that type of vulnerability when I come across it. I don’t think I got user in the most efficient way, so I’m open to anyone messaging me to compare notes. Root was ez-pz and unique.
Hints:
User: Infoblox NetMRI 7.1.4 Shell Escape
Root: https://gtfobins.github.io, this github site is truly special. I’m surprised there isn’t one for common binaries found on Windows machines
Finally rooted this beast…i give @Phillarby all the glory, thanks bro, i was ready to give up on this one…and @letMel00kDeepr for user…thanks dude
I cant say more than whats allready been said, but i will say to those struggling with root…KISS dont overthink it like i did or its rabbit holllymolly…
I am horrendously stuck at user. Have shell at w**-d***, but have no idea how to use s******.py. Any help would be greatly appreciated!
Removed
nvm got a shell as w**-d***. Now working for user. Any pointer would be great!
Got into admin panel, but can’t figure out how to get a shell from here. Been stuck for ages so a helping hand would be much appreciated
nvm. Go it now
NVM.
Type your comment> @qmi said:
Type your comment> @jayjay25 said:
Any help on user? I’ve looked up infoblox rmi and can execute commands through the script but they run as w**-d** instead of p****** as i’m executing the script …I’m missing something simple here?
Try privesc to user
p****r
with the most used method on Linux. It’ll run any command for you as that user.
Could you please elaborate on this? The “most used method” I can think of will not work without having user passwords…
Hey there. This might seem lame but I managed to get the user flag by executing some commands. However I horribly fail to spawn a shell as that certain user. Is it possible to do so? Is it required in order to escalate to root?
I receive a ban each time I try to use some common tool to enumerate and obtain an os-shell, why??
i got stuck on w-d.
i already found simpler.py but i didnt figure out how to get pepper shell please DM for help tks
@voidhofer said:
Try privesc to user
p****r
with the most used method on Linux. It’ll run any command for you as that user.Could you please elaborate on this? The “most used method” I can think of will not work without having user passwords…
sudo
. Always try the most obvious first