Networked

Type your comment> @markontherocks said:

Hi guys, I’m struggling with this machine, no idea how to get user (trying to dirbust the machine IP on port 80). Any hint by PM, please?

You can PM me if you still want help

hint: for root, use ( sudo file *) then play with input

Hey guys, ive dirbusted the 80th port and dont really know what im looking for.

send me little hints please!

Can anyone DM some tips on what exactly to do with c**_a**.***? i know what the script is doing, but I am at a loss on how to manipulate it to work to my advantage. Help would be appreciated!

Got root! Thanks for the help!

Feel free to DM me if you need any hints!

trying to get root… i found the c*********.s* script but cannot find a way to gain command execution with it. I have tried all sorts of cmds for the NAME var but I just don’t see how it is executed per the code. any help via DM would be appreciated>

Hello guys.
I got shell into the machine with a***** user, once logged in if i type “whoami” sometimes display a***** user and sometimes display g**** user.
Is this a machine bug?
Is this a cron process ?
Any further hints?

Type your comment> @wsurfer said:

Hello guys.
I got shell into the machine with a***** user, once logged in if i type “whoami” sometimes display a***** user and sometimes display g**** user.
Is this a machine bug?
Is this a cron process ?
Any further hints?

Had the same issue, closed other shell & waited for next cron exec & was “g***”

Any hints on getting user once u`ve gotten a low priv. shell?

Rooted! Can someone please explain the user exploit and why it works?
User: Go to …/…/…/u****s and you’ll get it.
Root: Once you find the right file… “Do something please” “No” “Sudo something please” “OK” :wink:
Hope that’s not too spoilery

PM me for hints/explain the exploit for me

Got Root!
A very nice box that brings you back to basics and reminds us not to overthink of simple things.

Follow the route: shell → user → root

Hints:

  • Shell: enumerate directories and find a way to bypass the security measures
  • User: Command injection in vulnerable script
  • Root: Way easier than user. When you find out what you can run as root search well on Google regarding on how to exploit the code.

You are more than welcome if you want hints via PM.
Nice box @guly !

I’m struggling with getting connection to the shell. I uploaded the package and loaded the image in the browser, but I can’t get connection with by terminal. Any nudges (or DM’s) in the right direction are greatly appreciated

The first version of this box, exposed other ppls inital foothold, that threw the struggle away - you could see contents of the /u***d folder. To get user was easy bcause you could see what other ppl was doing to get it. Same with root.

Feelt like i cheated on this box…

Rooted!

thanks to @Hilbert and @xcabal

for any hints DM me.

Rooted! also thanks to @xcabal for helping me at the user part.

DM me if you need any hints.

Cancel

Type your comment> @Emrys said:

I got user access but am stuck on how to elevate. Could someone PM me with a nudge in the right direction on how to get root access???

So I found what I needed to find as g**** but the file never changes. Thoughts?

edited: found the problem

Thankyou @guly for the box, good one to remind us of the basics.

Just got the user, but no idea what to do to get rooty-rooty,

any hints please?

Finally rooted, thanks to @blooch4 and @Hilbert advices !!