Traverxec

Stuck at user and I think I’m getting a little bit crazy, because I keep trying the same thing, which should work (in my very disturbed mind), but it doesn’t.
Found the file to read, cracked the password, tried to access the directory through http…but nothing happens, just the “private space” page.
I don’t know if I’m using a wrong user, a wrong password or accessing a wrong page…any hints?

EDIT: Nevermind, I WAS getting crazy. A good night of sleep cleared my mind

Rooted.
Feel free to DM for hints :wink:

root@traverxec:~# id
uid=0(root) gid=0(root) groups=0(root)

Took some time, but it twas a fun box. Thanks @jkr. PM me if you need some hints

I found a hash from the c*** folder, and used hashcat to unlock it, but I couldn’t log in to D****'s user. Someone prompted me to read the configuration file carefully, but I got nothing. I need a slight hint to indicate my direction. Thank you.

Thank you very much to the creator of this machine for taking your time to bring it here thank you very much also to my friend extincted for his advice and patience xd

pd: I’m root yeahh !!

I found a new directory /~d***/ on the url, but the prompt is private space, the configuration file and the official guide file of nostromo are also read, there is no clue, this is frustrating, if anyone can hint me, please PM, thanks

Type your comment> @ryuutanyou said:

I found a new directory /~d***/ on the url, but the prompt is private space, the configuration file and the official guide file of nostromo are also read, there is no clue, this is frustrating, if anyone can hint me, please PM, thanks

I can suggest two independent things:

  • Read the manual again and find another important configuration option too.
  • If one communication way doesn’t work, use another way instead.

Type your comment> @bumika said:

Type your comment> @ryuutanyou said:

I found a new directory /~d***/ on the url, but the prompt is private space, the configuration file and the official guide file of nostromo are also read, there is no clue, this is frustrating, if anyone can hint me, please PM, thanks

I can suggest two independent things:

  • Read the manual again and find another important configuration option too.
  • If one communication way doesn’t work, use another way instead.

I think it is HOMEDIRS , I try found p***_w*** folder , and used find / command ,but nothing

We are close to the solution, so that send me a PM if you want to get one more hint.

I am unable to crack the hash with either hashcat or john , hashcat does not find the pass with rockyou while john always exits with dir*****ss

Nevermind, i’m retarded

Rooted.
Really fun machine to kill some spare time. It was my fastest so far.

Hints:
Foothold: Basic enumeration

User: What’s on this machine? How does it work? Enumerate and read the documentation about it. Check a particular odd permission for a more obvious hint (it won’t make sense if you don’t read the documentation).
You can get user through 2 different ways from that point.

Root: In your face. I recommend reading GTFOBins after finding it.

rooted! such a nice box
pm me for any hint

Got user and root. For root, I did have to resize the window.

I’m losing my mind on the last part of getting root in traverxec… and i’m breaking down lol. someone PM me for a nudge over the finishing line

Rooted! Shoutout to @rholas for nudges!

I got root, thx for become my mentor @IceL0rd

annnnnnnnnnnd… i got it… geez - slapping myself in the face now… shoutout to @rholas for the hint

Finally got root been stuck on something this simple for too long it always become obvious once you get it but not before x’)

id

uid=0(root) gid=0(root) groups=0(root)

Feel free to pm for hint

Got root… the last big thing for me was to … make the window smaller. Sometimes i am such an idiot lol