Traverxec

I would like to accept this “root” on behalf of Traverxec, I would like to give thanks to my producers and directors @dnperfors @Enigma00

Now lets all root dance!

I am stuck in Traverxec box. As I am very new to this field, unsurprisingly, I am not able to gain even the initial foothold. I know that the box is vulnerable because some service (I know which) is running on port 8*, but I am not able to exploit it. I downloaded its metasploit exploit but I am not able to exploit it. Can someone help?
Thank you

i found the pass of the user but how to decrypt this??

I got root but I’m confused since all the talk about doing stuff with the size of the terminal didn’t actually do anything in the end.

Type your comment> @JuicyyCandy said:

I got root but I’m confused since all the talk about doing stuff with the size of the terminal didn’t actually do anything in the end.

did you decrypt the user Pass?

My meta doesn’t allow me to search for the n******o exploit.
Is there a way for me to update the database or something to include it?
Some of you are claiming it’s in your db.

rooted, mostly straightforward, though getting root is a bit of a troll

Root: I’m not sure what I’m looking for. The s****-s**.sh seems interesting in particular one line. GT***s to gain root access or there’s a whole game of symlinking ahead?
PM me please

Type your comment> @PrivacyMonk3y said:

My meta doesn’t allow me to search for the n******o exploit.
Is there a way for me to update the database or something to include it?
Some of you are claiming it’s in your db.

Just update/upgrade kali.

Type your comment> @saminskip said:

Just update/upgrade kali.

Using Parrot and it’s updated still a no show. /shrug guess I just have to wait lol.
Used the non meta version anyway and got a foothold + but just curious about the lack of the search result.

Rooted! A great thanks to @JuicyyCandy.
I feel so stupid now…

Pretty easy but really funny.
And of course, learnt a new thing :slight_smile:

Rooted!

Easy/Fun box

User: It’s quite simple but could be confusing, John is always your friend, man is also your friend.
Root: Very simple. GTFO Bins

PM me if you are confused

Rooted! :smiley:


# id
uid=0(root) gid=0(root) groups=0(root)
# whoami
root

I’m not sure if this was really easy, or I’m just getting better, but this was my quickest box to root so far. Less than 12 hours total :smiley:

Pretty much everything has already been said as far as hints go for both user and root, but feel free to PM me if you need a nudge.

Type your comment> @frod said:

Root: I’m not sure what I’m looking for. The s****-s**.sh seems interesting in particular one line. GT***s to gain root access or there’s a whole game of symlinking ahead?
PM me please

PM me bro

So I’ve hit a wall. I cracked the user password for the web app but I don’t know how to authenticate with them. Need some help to figure out what I’m missing here.

ROOTED…!!! Learnt something new…!! Phew… Need a break… haha :slight_smile:

Hate to ask for help at this point as I know I’m so close to getting user, but I’m hitting a wall. I’ve pulled what lies in the place you don’t expect, but it’s still asking for a password.

A nudge would be greatly appreciated!

Rooted! Great box, really informative!

As usual, pm for hints/tips or help.

And if you used the creds, hit me up with how. I didn’t need them in the end but I’m curious

Type your comment> @PrivacyMonk3y said:

My meta doesn’t allow me to search for the n******o exploit.
Is there a way for me to update the database or something to include it?
Some of you are claiming it’s in your db.

Update meta