Zetta

Finally rooted. What a box! Enjoyed every minute of it, thank you @jkr!

Root - thankyou for the nudges @v1p3r0u5

need some nudge with r**** guys

Got the user. One of the hardest users ever.

rooted. Thank you @v1p3r0u5 for nudges. Also thank you @jkr for the box.
For root:
I wanted to obtain a reverse shell by r-----g s–i, but my reverse shell was unstable. So I got s-- creds from the machine in a short period of time. Not sure this is the right path.

hmm… it took very long time to b*e backup service with help of np script… yes?
Edit: Its was my mistake. Rewrite n
p script and then got user.
Edit2: Rooted!
Very nice box! Thanks @jkr !

I’m user, got some creds. Get some hidden file as user.
Great ! Whats next ? didn’t noticed anything special in all the file i’ve grabbed from these hidden place.

Can someone give me a nudge in PM ?

Finally rooted.
What a journey.

Really thanks to @jkr for the machine and @bambunz for the help.

Initial foothold: carefully read the web page and see what zetta guys are trying to provide

User: get your hands dirty and break that service

Root: enumerate, you will find what you need.

See you guys.

Rooted, thanks @blink3r for the hint.
It was a long way with custom scripts & mirroring the env itself. The box is hard, so do not expect to read the root flag in 5 minutes.
Everything you need for user is already in this thread.
Don’t even try to bruteforce on the way to root. Better read the “notes” once again & check every single point.

Type your comment> @weelye said:

Would appreciate some hints for priv esc… have user shell.

Seen some g** folders with post*** credentials but it’s incorrect.
Not sure how to proceed at this point, if someone could DM would be great.

Rooted!
Thanks to @clubby789, @naveen1729, @Lu191 and @d4rkpayl0ad

hello !
stuck at the same point :frowning:
could somebody give me nudge please ? thank’s so far

I made it to the right port with the right w::y but now I need to find m***s and cs
for the service on that other port. Any advice, no ready made scripts are working.

Got user but no shell. I need to figure that out.
Fun Fun Fun box!

Got user.txt

Stuck a post-user/root. Also found the incorrect creds and configs. Have an idea of “what” I need to do, but grasping at straws at “how” to get the payload there. Any DM would be greatly appreciated.

Edit: been a trip! Rooted.

WOW… Rooted… Thanks to @Cptsticky for helping me out… HAD A BLAST on this one…

So nice and well thought out box! thanks @jkr. learned a lot of new stuff here.
ps restriction is awesome, felt really uncomfortable not able to see all processes. this is the first time i see such thing on a box.

p****** took me long just because I’m not that good at s** syntax and even worse with this particular syntax. After I got reverse I found out that pentestmonkey got us covered with cheatsheet which would saved me days of reading. Though i don’t regret i haven’t found it earlier =)

@Cptsticky, thanks for the nudge

Finally rooted.

thanks to @jkr for great box. Learned a lot :slight_smile:
and thanks to @Cptsticky and @bambunz for help me when i stuck.

Any hint for getting IPV6 address of the server?
Tricks that I know (both of them, lol) didn’t work.

Type your comment> @joshibeast said:

Any hint for getting IPV6 address of the server?
Tricks that I know (both of them, lol) didn’t work.

carefully read RFC mentioned on the homepage

Finally rooted.
Fight with post*** part, but start working, find i*_a file and his*** pas*****

PM for nuggets

Hack The Box