Postman

i use script in github to get buffer overflow in r***s but i can’t use system.exec
anyone can help my problem?

Type your comment> @Simmens said:

Does the exploit have something to do with s**?

Yes

Type your comment> @halisha said:

Type your comment> @Simmens said:

Does the exploit have something to do with s**?

Yes

Thanks :wink:

Type your comment> @zikuto said:

i use script in github to get buffer overflow in r***s but i can’t use system.exec
anyone can help my problem?

I had the same problem, system.exec not found :confused:

Finally rooted the box. I’m sure I found the initial foothold just by luck as I’ve never seen S** configured this way.

Feel free to pm

Finally rooted ! . i have gain the knowledge on r***S , User was some what fun.

Thank you guys for providing the hints @WWBK @aho and @roelvb

cool and realistic box

Did anyone get root manually? (sorry if this is a spoiler)

Rooted. As a beginner, I learned a lot from this box. Got user and root at the same time.

Got root. Thanks @Freak2600 for the nudge.

I seem to have gotten stuck. I have found the foothold, but I’m having some difficulty actually gaining access to the box.

Any tips on getting R* was able to get user but kind of stuck on where to go from here.

Finally rooted. Thanks for the hints. I found the initial shell the hardest part for me

Rooted, can anyone PM me telling why this box is named Postman?

Initial; Scan all ports, make sure you know what the service is and if there’s any way to get access by using it, there’s tons of material online. Also, keep notes of unavailable exploits(those that require creds) even though they don’t work now, it might work later on.
User; Read the history, you will need to locate something that can help you.
Root; Once you got user, go back to your notes and see what was available exploits you can use, since you already have the creds, figure it out

Spoiler Removed

I’ve enjoyed the machine very much.

The initial foothold was a little bit frustrating, due to the huge amount of reset requests.

User was fun :slight_smile:
Root was straightforward and very easy.

Rooted

is there a need to use sys ***. ex ** no re ** s?
even using Re ** Ro *** If ** in interactive mode, I can’t run sys ***. ex ***

PM please!

Rooted! thanks for all the Nudges!