Zetta

Stuck a post-user/root. Also found the incorrect creds and configs. Have an idea of “what” I need to do, but grasping at straws at “how” to get the payload there. Any DM would be greatly appreciated.

Edit: been a trip! Rooted.

WOW… Rooted… Thanks to @Cptsticky for helping me out… HAD A BLAST on this one…

So nice and well thought out box! thanks @jkr. learned a lot of new stuff here.
ps restriction is awesome, felt really uncomfortable not able to see all processes. this is the first time i see such thing on a box.

p****** took me long just because I’m not that good at s** syntax and even worse with this particular syntax. After I got reverse I found out that pentestmonkey got us covered with cheatsheet which would saved me days of reading. Though i don’t regret i haven’t found it earlier =)

@Cptsticky, thanks for the nudge

Finally rooted.

thanks to @jkr for great box. Learned a lot :slight_smile:
and thanks to @Cptsticky and @bambunz for help me when i stuck.

Any hint for getting IPV6 address of the server?
Tricks that I know (both of them, lol) didn’t work.

Type your comment> @joshibeast said:

Any hint for getting IPV6 address of the server?
Tricks that I know (both of them, lol) didn’t work.

carefully read RFC mentioned on the homepage

Finally rooted.
Fight with post*** part, but start working, find i*_a file and his*** pas*****

PM for nuggets

Hack The Box

about r**… how can I get his password? any nudge?

Type your comment> @blay said:

about r**… how can I get his password? any nudge?

man r**** and brute

Type your comment> @v01t4ic said:

Type your comment> @blay said:

about r**… how can I get his password? any nudge?

man r**** and brute

check your DM

Got user…

Special big thanks to @v1p3r0u5 and @clubby789 , you saved my mind…

Let’s try to root this now… scared

Anyone with a hint for IPv6? I’ ve read the RFC a few times but nothing jumps out…

Got user. Now on root.
I found some g** h****** with some post**** creds but seems useless.
Not very sure about what to do next…

Edit:
Rooted! Finally!
This was quite hard.
Thanks @v01t4ic @Icyb3r for the help!

Type your comment> @verdienansein said:

Got user. Now on root.
I found some g** h****** with some post**** creds but seems useless.
Not very sure about what to do next…

Edit:
Rooted! Finally!
This was quite hard.
Thanks @v01t4ic @Icyb3r for the help!

Same here. Any hints?

Crazy box. Loved it. Thanks @jkr!

I have a shell as post**** user. It seems everyone is making the jump from this to root just like that. Could anyone give me a hint as to what I am missing?

EDIT: Nevermind. I should have checked my “todos”

Spoiler Removed

stuck at user shell. found a po***es password inside a gt but seems to be not working. anyone can help?
EDIT: rooted. the vuln was easy to spot, but for me was difficult to exploit. thanks to @rholas

Anyone can PM me for IPv6 … I have read the RFC module but it would just hang and i wont get the ipv6…I was able to get the higher port but cant get the ipv6 address!

Good machine