Traverxec

ROOTED…!!! Learnt something new…!! Phew… Need a break… haha :slight_smile:

Hate to ask for help at this point as I know I’m so close to getting user, but I’m hitting a wall. I’ve pulled what lies in the place you don’t expect, but it’s still asking for a password.

A nudge would be greatly appreciated!

Rooted! Great box, really informative!

As usual, pm for hints/tips or help.

And if you used the creds, hit me up with how. I didn’t need them in the end but I’m curious

Type your comment> @PrivacyMonk3y said:

My meta doesn’t allow me to search for the n******o exploit.
Is there a way for me to update the database or something to include it?
Some of you are claiming it’s in your db.

Update meta

I am having trouble in cracking the hash. I know its in m*5 format and salt$hash. But cant crack. plz help

Rooted! Fun machine. Looking back on it, I made it harder than it needed to be.

PM for hints/tips or help. Thanks to @olsv for the nudge.

For those who are stuck in either user or root. Here are some Hints!

User: look closely at the configuration file and search all directories…

Root: look at the script running with what privilege… try to understand what is that binary used for and how to exploit it. GTFOBINS is very useful … check it out. Remember you do not need output but only need input from the binary command. Cheers.

If these hints were helpful pls gimme respect too. thanx

rooted finaly thx to @Shad0wQu35t and @Hilbert

Got user.

Know what to exploit for root, yet don’t know-how.

Type your comment> @Ma1ware said:

Got user.

Know what to exploit for root, yet don’t know-how.

new terminal not full screen.

Rooted!
Will be busy so won’t be able to answer you guys, sorry! But I will surely mention the hints which nobody told and were helpful:

FOOTHOLD: Straightforward public exploit

USER: Look at the conf file. What is the thing mentioned there which is only one for a user but two are mentioned. There you go!

ROOT: It was soooo fun! As everybody said, GTFO is useful. I don’t know what others are talking about related to screen resolution. Just remember one thing, you can copy the script and edit it as per your need.

Finally rooted the box. I can’t believe that it took me this long to figure out the hidden directory. After that, it wasn’t all that difficult. Plenty of good hints here. Thx ppl. If you need help, let me know.

Can I maybe get som help on how to get user? I have the creds, I know the directory where they are located and also the conf. I just don’t know what do do with it.

Type your comment> @RandomPerson00 said:

Can I maybe get som help on how to get user? I have the creds, I know the directory where they are located and also the conf. I just don’t know what do do with it.

Read that config-file very carefully. It tells you a place that appears inaccessible at first glance.

Hello Guys!
That’s my first box :D.
I’ve got David’s password with John but I can’t login with that.
Can somebody give me a hint please?

s2j is giving me a weird hash and the type isn’t working in john even with the s…g format specified; more specifically, that type doesn’t show up in the format types when I use john --list=formats and the utility specifically for that type to john states that it isn’t a valid key file.

Edit: I’m just retarded, feel free to pm with questions

I got the creds, know where to use them, but the .h****s hash just wont crack. I have tried Big John and cat with almost all words list, what am i missing, am i suppose to use some salt ?

Just throwing this out here… for all the “Not Full Screen” comments, stty is your friend here, no need to worry about screen sizes.

Type your comment> @cdf123 said:

Just throwing this out here… for all the “Not Full Screen” comments, stty is your friend here, no need to worry about screen sizes.

oh wow, im a dummy, lol

So I got .pub files. But cannot cat them