Traverxec

Spoiler Removed

Finally.
Foothold: DDoS? Really? Check the description before run something!
User: check that same place where you’ve found those creds. Make yourself familiar with capabilities of the service and ask yourself what permissions should you have to view that content.
Root: was mindblowing for me. It’s right in front of your eyes once you logged in, but you just cannot violate args. Fortunately, there is a way to substitute one thing with another and use the same command to get a shell

I’m a bit stuck… I’ve found the place mentioned in the interesting file, just can’t find anything further, not sure what to do with the creds…

Type your comment> @benhulatt said:

I’m a bit stuck… I’ve found the place mentioned in the interesting file, just can’t find anything further, not sure what to do with the creds…

if you cannot see something it doesn’t mean it not exist

Rooted.

Feel free to PM. :slight_smile:

Type your comment> @olsv said:

Type your comment> @benhulatt said:

I’m a bit stuck… I’ve found the place mentioned in the interesting file, just can’t find anything further, not sure what to do with the creds…

if you cannot see something it doesn’t mean it not exist

took a moment to understand what you mean, figured it out now, thank you for the tip!

Finally got user thanks to @D3Fix and @olsv . As always something stupid i missed, also found cheetsheet and read it and found another way to get there. funny

got root, it was fun.

rooted!

Much thanks to @rholas and @idomino when I was stuck at user.

Cool box. It was nice and straight forward from start to finish. Perfect way to spend an hour on a lazy sunday. :slight_smile:

For people struggling with root. remember its not always a good idea to maximize ur screen :wink:

Got a low priv shell, could someone help me with user?

btw box goes down likely due to people running the wrong CVE since there’s one for dos

Spoiler Removed

hint for user:
enumerate… enumerate… enumerate…
don’t brute-force ssh…
for root:
GTFOBins is your friend…
PM me if you need help
YaSsInE

Spoiler Removed

Rooted.

Thanks @jkr for the fun box!

Feel free to PM if you need hints.

Someone’s tip helped me)))

Still stucked with the credentials found/cracked. I have viewed all the files contents within the n*****o directory for additional information/hints but I did not find anything suspicious.

Anyone who can PM for a nudge into the right direction? Thnx

EDIT: Thanks @YaSsInE for the nudge!!

This was fun. Owning user was a bit tricky at first but looking back it was a rather straightforward process.

  • Hint for user: read configs and enumerate
  • Hint for root: read the code and gtfo

Feel free to PM me for help!