Stuck at user and I think I’m getting a little bit crazy, because I keep trying the same thing, which should work (in my very disturbed mind), but it doesn’t.
Found the file to read, cracked the password, tried to access the directory through http…but nothing happens, just the “private space” page.
I don’t know if I’m using a wrong user, a wrong password or accessing a wrong page…any hints?
EDIT: Nevermind, I WAS getting crazy. A good night of sleep cleared my mind
I found a hash from the c*** folder, and used hashcat to unlock it, but I couldn’t log in to D****'s user. Someone prompted me to read the configuration file carefully, but I got nothing. I need a slight hint to indicate my direction. Thank you.
Thank you very much to the creator of this machine for taking your time to bring it here thank you very much also to my friend extincted for his advice and patience xd
I found a new directory /~d***/ on the url, but the prompt is private space, the configuration file and the official guide file of nostromo are also read, there is no clue, this is frustrating, if anyone can hint me, please PM, thanks
I found a new directory /~d***/ on the url, but the prompt is private space, the configuration file and the official guide file of nostromo are also read, there is no clue, this is frustrating, if anyone can hint me, please PM, thanks
I can suggest two independent things:
Read the manual again and find another important configuration option too.
If one communication way doesn’t work, use another way instead.
I found a new directory /~d***/ on the url, but the prompt is private space, the configuration file and the official guide file of nostromo are also read, there is no clue, this is frustrating, if anyone can hint me, please PM, thanks
I can suggest two independent things:
Read the manual again and find another important configuration option too.
If one communication way doesn’t work, use another way instead.
I think it is HOMEDIRS , I try found p***_w*** folder , and used find / command ,but nothing
Rooted.
Really fun machine to kill some spare time. It was my fastest so far.
Hints:
Foothold: Basic enumeration
User: What’s on this machine? How does it work? Enumerate and read the documentation about it. Check a particular odd permission for a more obvious hint (it won’t make sense if you don’t read the documentation).
You can get user through 2 different ways from that point.
Root: In your face. I recommend reading GTFOBins after finding it.