Traverxec

rooted! So, what can I say… It is NOT a ctf`y machine, it’s close to the real life. Pretty straightforward, with vulnerablilities you could see in a real world. Almost perfect for the beginner, a lot of things to learn. Here are some hints!

shell: Enumerate… Find a door, than examine it thoroughly

user: Keep it simple, nothing crazy. You need to enumerate, read about service, see a configuration and then start investigating

root: Do you remember that frustrating moment from the past, when you screamed “how to exit this?”. Yea, its time to bring those memories back

Hope it’s not to spoily (i wonder if this word exists, lol, sorry, english is not my first lang :d), good luck! Feel free to PM me, you need help :DD

Thanks to @donkeysnore for his help!!!

I want to do this with my windows laptop. I know what vulnerability i need to use for foothold. But meta sploit for windows has an installation isseu.\is there a way to do is by hand?

Nvm, charles to the rescue

Type your comment> @djbrains said:

I want to do this with my windows laptop. I know what vulnerability i need to use for foothold. But meta sploit for windows has an installation isseu.\is there a way to do is by hand?

Nvm, charles to the rescue

I have done this box without using a metasploit, so, yes, it is possible :d

Nice box! Got caught up on a few things - but then hitting myself for how I overlooked things. Hope this will help!

Shell: Getting the shell is easy. I don’t need to go further.

User: Getting user took me way too long when it shouldn’t have. When people say read the manual and the config file, they mean it. Look closely. There is a spot where you can visit that you normally wouldn’t think to check. It’s there and it contains some goodies. Crack the key to that door - not the other goody you might find when reading the config file.

Root: Again, I hate myself for missing this. I believe some of the issue is not knowing exactly what that binary does. See what the binary is doing with what privileges and what doesn’t need to be there to get this to work.

root@traverxec:/# whoami && hostname && ip a s eth0 | grep inet
root
traverxec
inet 10.10.10.165/24 brd 10.10.10.255 scope global eth0

sudo apt get root

holle,now I have www-data jurisdiction, please who can give me a little hint.

This box is infuriating to say the L***. However I was able to get some information out of it. But getting user and to root is the next step, been working on this box the last 2 days (couple of hours a day) and making some progress. May need to call in another favor, I want to get my first rooted/owned box with out a write up available under my belt.

Got root, thanks to @N0tAC0p for keeping me sane.

PM me for an nudge.

Someone dos the box? Not responding to resets or any traffic.

Type your comment> @grizzlybadger said:

Someone dos the box? Not responding to resets or any traffic.

Each reset request can be cancelled by a HTB user. Click on Shoutbox to follow service messages.

Type your comment> @LightTheMad said:

Type your comment> @djbrains said:

(Quote)
I have done this box without using a metasploit, so, yes, it is possible :d

found a python script

Finally rooted!! So it was a decent box in my opinion. Huuuuuge thanks to @bumika @N0tAC0p and @rocksmen for the nudges.
User: The stuff you find at the beginning is not enough. Read the conf file thoroughly focusing mainly on directories. You will find good stuff somewhere through which you can get user access.

Root: This got me really frustrated as i was missing a minute detail. Its in your face . Enumerate and find out about the functionality of codes that are being run. GTFObins is your friend and remember to use your mouse when your keyboard doesnt seem to work too much.

I’ve been reading all the comments and helped me a lot.
But I’m new on this so need help.
I had already tried to access /~d**** but nothing
could someone explaing me better what can I do t ocontinue?

Thanks!

Just got root on this awesome machine. I’ve learned lots of thing even though its listed as easy . Huge thanks to @bumika for all the hints provided.

I am in the root part after owning user. I reached the binary folder, and inspected the content there. I know that I have to play around with the command l**s and how does the script call it.

Still not able to access anything on root. My window is not maximized. Can anyone throw a nugget on this? Thanks!

EDIT. Nvm. It was in front of me all the time. Root is easier than user, IMO. Feel free to PM me for hints!

I have problems with this box. I can only write a few commands, and then the box freezes. Other have the same problem ?

For user, is it required to crack the password for i*_r** priv key?

Type your comment> @ph4qd said:

For user, is it required to crack the password for i*_r** priv key?

Wondering that as well, I have cracked the password using John but it does not seem to be working. Any hints or nudges would be greatly appreciated!

Type your comment> @doates12 said:

Type your comment> @ph4qd said:

For user, is it required to crack the password for i*_r** priv key?

Wondering that as well, I have cracked the password using John but it does not seem to be working. Any hints or nudges would be greatly appreciated!

It does work. If you’ve got the passphrase used to encrypt the key then you can s** into the box using that key.

stuck on the jou****l part. a nudge would be useful. thanks!
update: found it my self. i found out that my window was too big. lol