Traverxec

Rooted,

Feel free to PM if you need nudges

Rooted.

Fun box, straight forward.

Rooted, many thanks to terrats for the last root hint.
Didn’t know pipes could do that :slight_smile:

My feedback for Traverxec:
The box is almost straightforward the annoying thing is that web server keeps dying not sure if that is because people are dossing or some kind of weird unstable machine.
anyway here is how I see the steps to root.

initial: recent CVE after light enumeration gives you quick win

User: enumeration of of the door that let you in gives you a bit of usefull info… for me this is sligtly CTF-y and requires a bit of guessing but once found gives you the user with a bit of extracting/cracking

Root*: quick enumeration would lead you to something… if you are not familiar google it, try it locally and go back and root the box :slight_smile:

  • Make sure you do not maximize your terminal screen a lot … sometimes LESS maximizing is better :slight_smile:

PM if you are stuck

Any assistance with root? I know about GBs, the dir to place the file in and that p** has something to do with it but unsure from here

haha. first the box is down for pretty much most of first day. Now I know exactly how to get root… and it doesnt work. I know it is the way but it doesnt work… so annoying.

To echo a previous comment, you need to try a different terminal if you are stuck at trying to get root and aren’t making headway. Things will function/display differently.

No idea why this is the case, but it cost me well over an hour of time.

Type your comment> @ALK said:

For people struggling with root. remember its not always a good idea to maximize ur screen :wink:

this unblocks me for root flag, thanks br0

Im kinda lost, got d**** credentials, but no idea where to go next

Just rooted !

Thanks for the machine @jkr ! I wonder where did you get the inspiration for the root flag, it reminds me one of the levels of bandit, the one that i struggled with the most !

I say something strange when i got in the user, hints from the guys on this thread helped me a lot ! i think they provide enough info already ! I would chat with someone who got root too ! the usual thing that i do didn’t worked, but i just tried something that seemed weird on my enum and it worked, coupled with the hints on the forum and got it !

Would love to hear from you @jkr, Thanks again !

I have tried and tried and that port is always “closed”

Struggling to crack creds. The usual tools finish almost instantly with a false alarm.

Anyone with a PM to help with syntax? Feel like I’m doing something silly.

Struggling with what to do with credentials of d****. I have RTFM multiple times and have the credentials cracked, just not quite getting what I have the ability to do under the unprivileged user…

Any nudges appreciated, PMs as well.

I got in and found the an interesting, plain view treat but cracking is taking forever? Weird

Nevermind.

Can anybody help me. I cracked creds and found “private space”, but I doesn’t really give me anything

Got Shell As www-data Any Hints For User?

Type your comment> @xy83rx said:

Got Shell As www-data Any Hints For User?

Read the code and go to the place you won’t expect :wink:

@H4X00R I Have Got The Hash For The User. Now Do I Need To Crack That For The Password Of User?

Type your comment> @xy83rx said:

@H4X00R I Have Got The Hash For The User. Now Do I Need To Crack That For The Password Of User?

John is your best friend