Traverxec

ā– ā– ā– ā–  yeah :smiley: 2 in one night letā€™s go!

root@traverxec:~# id
uid=0(root) gid=0(root) groups=0(root)

Rooted.
Thanks to @w4x & @trikster9

Type your comment

FInally rooted, i feel so stupid with root.

Pm for help

People who are still stuckā€¦ please send a dm for a nudge

rooted :smiley:

Any hint for root?
Got user flag but canā€™t find anything interesting else.

Ok what the heck am I missing with priv esc.

I know weā€™re looking at the script. I know about what GTFOBins has said about the particular binary. I know I am supposed to be focusing on seeing not as much in the window. But everytime I try and escape, it just dumps me back to user shell.

I know Iā€™m missing something stupid, but I donā€™t know what it is.

Type your comment> @joeybruns said:

Ok what the heck am I missing with priv esc.

I know weā€™re looking at the script. I know about what GTFOBins has said about the particular binary. I know I am supposed to be focusing on seeing not as much in the window. But everytime I try and escape, it just dumps me back to user shell.

I know Iā€™m missing something stupid, but I donā€™t know what it is.

Your command is too long, cut the end to remove the special character.

Type your comment> @bumika said:

Type your comment> @joeybruns said:

Ok what the heck am I missing with priv esc.

I know weā€™re looking at the script. I know about what GTFOBins has said about the particular binary. I know I am supposed to be focusing on seeing not as much in the window. But everytime I try and escape, it just dumps me back to user shell.

I know Iā€™m missing something stupid, but I donā€™t know what it is.

Your command is too long, cut the end to remove the special character.

FACEPALM got it. Thank you.

Finally got root. This was my first machine, i learned a few things

hey guys i need some hints, iā€™m stuck on the gtf* thing, whenever i try to run the command inside le**, it opens a new user terminal instead of the root one :s

thats because le** doesnĀ“t run elevated the way you ran it.
However, i just checked the machine. The way i rooted it yesterday does not work at the moment. j*****l does not use l when getting rid of the pip*

Ed.
Thats weird, it just again worked once, now again iĀ“m not able to do it.

Ed.2
Nevermind - my bad. Everythingā€™s working fine

This box is driving me crazy :smiley: I found ā€œback**--identity-*.tgzā€, unzip them and copied 2 of the files inside, but I canā€™t cat or copy the third one, it breaks my shell everytime I try to cat itā€¦ any other way to get it?

root@traverxec:~# id;hostname
uid=0(root) gid=0(root) groups=0(root)
traverxec

this is a very easy, but dangerous box.
you get trapped easily if you donā€™t pay attention!

rooted! So, what can I sayā€¦ It is NOT a ctf`y machine, itā€™s close to the real life. Pretty straightforward, with vulnerablilities you could see in a real world. Almost perfect for the beginner, a lot of things to learn. Here are some hints!

shell: Enumerateā€¦ Find a door, than examine it thoroughly

user: Keep it simple, nothing crazy. You need to enumerate, read about service, see a configuration and then start investigating

root: Do you remember that frustrating moment from the past, when you screamed ā€œhow to exit this?ā€. Yea, its time to bring those memories back

Hope itā€™s not to spoily (i wonder if this word exists, lol, sorry, english is not my first lang :d), good luck! Feel free to PM me, you need help :DD

Thanks to @donkeysnore for his help!!!

I want to do this with my windows laptop. I know what vulnerability i need to use for foothold. But meta sploit for windows has an installation isseu.\is there a way to do is by hand?

Nvm, charles to the rescue

Type your comment> @djbrains said:

I want to do this with my windows laptop. I know what vulnerability i need to use for foothold. But meta sploit for windows has an installation isseu.\is there a way to do is by hand?

Nvm, charles to the rescue

I have done this box without using a metasploit, so, yes, it is possible :d

Nice box! Got caught up on a few things - but then hitting myself for how I overlooked things. Hope this will help!

Shell: Getting the shell is easy. I donā€™t need to go further.

User: Getting user took me way too long when it shouldnā€™t have. When people say read the manual and the config file, they mean it. Look closely. There is a spot where you can visit that you normally wouldnā€™t think to check. Itā€™s there and it contains some goodies. Crack the key to that door - not the other goody you might find when reading the config file.

Root: Again, I hate myself for missing this. I believe some of the issue is not knowing exactly what that binary does. See what the binary is doing with what privileges and what doesnā€™t need to be there to get this to work.

root@traverxec:/# whoami && hostname && ip a s eth0 | grep inet
root
traverxec
inet 10.10.10.165/24 brd 10.10.10.255 scope global eth0

sudo apt get root