Traverxec

Was anyone able to get a shell on the box without using the common tool for automating things like this? send me a message if you have a way please.

Edit: Please ignore. I am an idiot and never thought to read the source code in this tool.

Rooted! PM me for hints :slight_smile:

Rooted very nice box :smiley:

Root was just “Wow!”

That final mental leap to get root was really, really cute. Maybe think outside the terminal box to get this one if you’re struggling ;). Nice work, jkr.

Finallly got root . Thank you @rholas for help.

pleas PM if need any hints

¡Rooted! I can say that I learned interesting things with this machine. My advice and hint are.
User: Always check the configuration files and read the permissions carefully.
Root: gtfo bins is the key, nothing more and nothing LESS.

This thread can help: https://www.reddit.com/r/hackthebox/comments/dy8t4j/traverxec_help/

There’s someone massively spamming the box with broadcast messages. Can anyone help?

EDIT: Rooted. That was nice :slight_smile: PM for nudges.

got user password cracked… but its not working when i ssh?!!

Someone please help with the hash , can’t crack it with john or hashcat and i believe i have to convert the hash to john format but don’t know how.

Spoiler Removed

have been struck at root for the past day, I found the interesting script & read GTFObins yet I fail at whatever I try with these. Can someone please nudge me in the right direction

Edit: Nevermind, I was able to finally root it. This machine taught me alot about linux in general, was great fun.

I am in the hidden directory, got the private and public key for user d**** I know how to to use the private one but I cannot “cat” it even if I move it to another directory. I tried to move it to my local machine but nothing. Any tip of how to read its content. I guess the cracked password from the first steps ( using john) is used later as passphrase. Thanks!

no passphrase actually… But the dir/file is accessable from other than the cli… as you know where it is, you should know where to access it?

I have obtained the keys needed for user but am prompted for a passphrase when I try to use them (not the passphrase we crack in the beginning – i already used that to obtain said keys). I have read a lot of documentation on the matter but am still confused and am unsure what exactly I’m doing wrong, and googling hasn’t provided me with any answers, and I have tried using verbose mode but still am confused. Would appreciate any help on figuring out how to use the keys to connect to user.

Too long stuck on this machine :frowning: Got low-priv shell, however I am not able to find the file everyone is talking about…

Any help would be appreciated! Please DM for a hint!

Rooted

PM if needed :slight_smile:

I’m pretty STUCK with root. Ok: it’s a GTFO’s thing, it’s about THE script but… I miss something… Where do I have to crash my head?

My most memorable privilege escalation so far. :slight_smile: Thank you, @jkr.

need help, i do not understand how to GTFO using the .sh file.