For root, I rooted it the lazy, dumb way (which I think it’s unintended) and can’t say much about it. Going to try the hard way.
Interesting, I didn’t notice an easier way than the (apparently) intended one - unless the way I rooted it was unintended and there’s something even easier.
Any guidance on how to proceed to root? I’m in on the box as the user b*** and also got in the /b***/b*** weba****. Can’t really seem to find a way to launch a revshell or anything though
Pushed at root for a while, found a few possible entry points, but eventually I gave up and used the unintended method. If anyone can give me a hint for the proper one, I’d be very interested!
do not try to crack anything user wise use grep and look forensics wise at your d*r p and when u overlay to something useful you will see the mess of the ctf like setup he talks about
Rooted, thanks @gall0ws for nudges. Fun box, difficult but doable. Good work @thek. Am curious if this can be exploited to get root shell or just read the flag? I did the latter. EDIT: nvm, I wasn’t looking closely enough.
User:
Enumeration leads you to a new sub. There’s more than meets the eye here; google it. Once you have it, make sure history isn’t doomed to repeat itself.
User2:
Basic enumeration and some elbow grease should give you what you need.
Root:
Look for what stands out in basic enum, read through the files and the commands you’re able to execute which maybe you shouldn’t. Google from there.
Could someone give me a nudge? I have found a hash inside a file, but struggling to find the salt that corresponds to the hash. Is that even the right way?