hmm… it took very long time to b*e backup service with help of np script… yes?
Edit: Its was my mistake. Rewrite np script and then got user.
Edit2: Rooted!
Very nice box! Thanks @jkr !
I’m user, got some creds. Get some hidden file as user.
Great ! Whats next ? didn’t noticed anything special in all the file i’ve grabbed from these hidden place.
Can someone give me a nudge in PM ?
Finally rooted.
What a journey.
Really thanks to @jkr for the machine and @bambunz for the help.
Initial foothold: carefully read the web page and see what zetta guys are trying to provide
User: get your hands dirty and break that service
Root: enumerate, you will find what you need.
See you guys.
Rooted, thanks @blink3r for the hint.
It was a long way with custom scripts & mirroring the env itself. The box is hard, so do not expect to read the root flag in 5 minutes.
Everything you need for user is already in this thread.
Don’t even try to bruteforce on the way to root. Better read the “notes” once again & check every single point.
Type your comment> @weelye said:
Would appreciate some hints for priv esc… have user shell.
Seen some g** folders with post*** credentials but it’s incorrect.
Not sure how to proceed at this point, if someone could DM would be great.Rooted!
Thanks to @clubby789, @naveen1729, @Lu191 and @d4rkpayl0ad
hello !
stuck at the same point
could somebody give me nudge please ? thank’s so far
I made it to the right port with the right w::y but now I need to find m***s and cs
for the service on that other port. Any advice, no ready made scripts are working.
Got user but no shell. I need to figure that out.
Fun Fun Fun box!
Got user.txt
Stuck a post-user/root. Also found the incorrect creds and configs. Have an idea of “what” I need to do, but grasping at straws at “how” to get the payload there. Any DM would be greatly appreciated.
Edit: been a trip! Rooted.
So nice and well thought out box! thanks @jkr. learned a lot of new stuff here.
ps
restriction is awesome, felt really uncomfortable not able to see all processes. this is the first time i see such thing on a box.
p****** took me long just because I’m not that good at s** syntax and even worse with this particular syntax. After I got reverse I found out that pentestmonkey
got us covered with cheatsheet which would saved me days of reading. Though i don’t regret i haven’t found it earlier =)
@Cptsticky, thanks for the nudge
Finally rooted.
thanks to @jkr for great box. Learned a lot
and thanks to @Cptsticky and @bambunz for help me when i stuck.
Any hint for getting IPV6 address of the server?
Tricks that I know (both of them, lol) didn’t work.
Type your comment> @joshibeast said:
Any hint for getting IPV6 address of the server?
Tricks that I know (both of them, lol) didn’t work.
carefully read RFC mentioned on the homepage
Finally rooted.
Fight with post*** part, but start working, find i*_a file and his*** pas*****
PM for nuggets
about r**… how can I get his password? any nudge?
Type your comment> @blay said:
about r**… how can I get his password? any nudge?
man r**** and brute
Type your comment> @v01t4ic said:
Type your comment> @blay said:
about r**… how can I get his password? any nudge?
man r**** and brute
check your DM
Got user…
Special big thanks to @v1p3r0u5 and @clubby789 , you saved my mind…
Let’s try to root this now… scared
Anyone with a hint for IPv6? I’ ve read the RFC a few times but nothing jumps out…