Traverxec

Rooted.

Feel free to PM. :slight_smile:

Type your comment> @olsv said:

Type your comment> @benhulatt said:

Iā€™m a bit stuckā€¦ Iā€™ve found the place mentioned in the interesting file, just canā€™t find anything further, not sure what to do with the credsā€¦

if you cannot see something it doesnā€™t mean it not exist

took a moment to understand what you mean, figured it out now, thank you for the tip!

Finally got user thanks to @D3Fix and @olsv . As always something stupid i missed, also found cheetsheet and read it and found another way to get there. funny

got root, it was fun.

rooted!

Much thanks to @rholas and @idomino when I was stuck at user.

Cool box. It was nice and straight forward from start to finish. Perfect way to spend an hour on a lazy sunday. :slight_smile:

For people struggling with root. remember its not always a good idea to maximize ur screen :wink:

Got a low priv shell, could someone help me with user?

btw box goes down likely due to people running the wrong CVE since thereā€™s one for dos

Spoiler Removed

hint for user:
enumerateā€¦ enumerateā€¦ enumerateā€¦
donā€™t brute-force sshā€¦
for root:
GTFOBins is your friendā€¦
PM me if you need help
YaSsInE

Spoiler Removed

Rooted.

Thanks @jkr for the fun box!

Feel free to PM if you need hints.

Someoneā€™s tip helped me)))

Still stucked with the credentials found/cracked. I have viewed all the files contents within the n*****o directory for additional information/hints but I did not find anything suspicious.

Anyone who can PM for a nudge into the right direction? Thnx

EDIT: Thanks @YaSsInE for the nudge!!

This was fun. Owning user was a bit tricky at first but looking back it was a rather straightforward process.

  • Hint for user: read configs and enumerate
  • Hint for root: read the code and gtfo

Feel free to PM me for help!

Thanks to @YaSsInE rooted it, i understood that i need somehow to stop itā€¦ but never thought this wayā€¦ Funny machineā€¦ learned quite a lot from rooting.

Hints for user :
-Once you are in, read the manual. Read it till you find something interesting.

Hints for root :

-The answer is in front of you the moment you get user. I went down a rabbit hole and I can understand why people might overthink it, even despite checking GTFO Bins. You need a little trick not so obvious.

Rooted this box!!

  • Foothold: No hints needed, itā€™s too easy!
  • User: The first obvious thing youā€™ll find is probably not what you need; Read the contents of the files in the n****** directory and youā€™ll get thereā€¦
  • Root: Find an obvious file for your way to root. It took me unnesasary time because of a less thingā€¦

Thanks to my fellow countryman @ToneDef :slight_smile:

Rooted! Once the port issues settled down it was a fun box! Thank you @jkr!

Tips:

Foothold: read other comments posted here, enumerate and you are in

User: Ditto, read the manual, understand how things works and are set up this will point you to where you need to go

Root: GTFO Bins and just seeing what is right there is all you need.

General advice: keep it simple, enumerate, read, google, take stock of what you have (often right in front of you).