Jarvis

this box is a pain in the fucking ■■■. keep getting banned for trying out different enumeration services. need a nudge / hint bad, close to giving up on this…

Struggling with root. How are you able to edit sy******l ? - Getting error opening terminal: unknown and editor failed with error code 1. Please DM me.

Hi guys can someone pls give me a hint on getting user. I discover the admin panel and tried brute force it. No success. Any hint pls

Any pointers on getting privesc to p****r? Plz PM me…

Yes finally got root ^^ . Getting the user actually took me a lot longer for some reason xD nice box but,learned a lot.

someone reset it for me! lolz apparently i’ve reset the box too much today

Just rooted. Fun box!

Tips - which are already here somewhere:

Foothold: Check all the rooms thoroughly.
User: it’s not always what you’re running, its where you’re running it from.
Root: Enumerate thoroughly for the user and make sure you have a proper shell.

Also, thanks to @FailWhale for the nudge when I needed it!

Escalating to P****r was a bit squirrelly, but I always enjoy leveraging that type of vulnerability when I come across it. I don’t think I got user in the most efficient way, so I’m open to anyone messaging me to compare notes. Root was ez-pz and unique.

Hints:
User: Infoblox NetMRI 7.1.4 Shell Escape
Root: https://gtfobins.github.io, this github site is truly special. I’m surprised there isn’t one for common binaries found on Windows machines

Finally rooted this beast…i give @Phillarby all the glory, thanks bro, i was ready to give up on this one…and @letMel00kDeepr for user…thanks dude :slight_smile:

I cant say more than whats allready been said, but i will say to those struggling with root…KISS dont overthink it like i did or its rabbit holllymolly…

I am horrendously stuck at user. Have shell at w**-d***, but have no idea how to use s******.py. Any help would be greatly appreciated!

Removed

nvm got a shell as w**-d***. Now working for user. Any pointer would be great!

Got into admin panel, but can’t figure out how to get a shell from here. Been stuck for ages so a helping hand would be much appreciated

nvm. Go it now :slight_smile:

NVM.

Type your comment> @qmi said:

Type your comment> @jayjay25 said:

Any help on user? I’ve looked up infoblox rmi and can execute commands through the script but they run as w**-d** instead of p****** as i’m executing the script …I’m missing something simple here?

Try privesc to user p****r with the most used method on Linux. It’ll run any command for you as that user.

Could you please elaborate on this? The “most used method” I can think of will not work without having user passwords…

Hey there. This might seem lame but I managed to get the user flag by executing some commands. However I horribly fail to spawn a shell as that certain user. Is it possible to do so? Is it required in order to escalate to root?

I receive a ban each time I try to use some common tool to enumerate and obtain an os-shell, why??

i got stuck on w-d.
i already found simpler.py but i didnt figure out how to get pepper shell please DM for help tks

@voidhofer said:

Try privesc to user p****r with the most used method on Linux. It’ll run any command for you as that user.

Could you please elaborate on this? The “most used method” I can think of will not work without having user passwords…
sudo . Always try the most obvious first