Postman

@paidtheprice said:
i just got in via r**** but now i cant reconnect? was able to get the i.rb* and then get its passphrase, but then when that works i get “Connection closed by 10.10.10.160 port 22”

The passphrase might work somewhere else.

Good morning guys, it has happened to you that when you are using redis and you want to get into a directory, you are told that you do not have permits if someone is so kind as to help me out

please stop dumping your keys on the system! if you run a command that pipes input into the r****-***, note that it is coming from your machine, not the remote machine!

Is anyone else having issues with j**n running really slow? This system will be retired by the time it is done…

I’ve got a low-priv shell as r**** but the box is unusable… Connexion keeps dropping every minute, I have time for a couple of commands and that’s it, my shell is gone… Very frustrating…

Rooted

Yeah I’m still stuck at the r****-*** to get a user shell. Any nudges appreciated!

Edited:
nvm, got it…

Can’t connect via ssh with credentials

Enter passphrase for key ‘id_rsa.bak’:
Connection closed by 10.10.10.160 port 22

Stuck at the initial shell. As of now I have:

  • Read and re-re-read the forum posts
  • Read r*** configurations and documentation
  • Insert my id to a certain location with r***-***
  • Use a ready made exploit with m***
  • Use a script from G***.

I know (think) that I should modify a script a bit or get in manually, but something is missing. Any nudges for the initial shell are most welcome!

Edit: Moving forwards, thanks to @p1kabyte +1

More Holes Than Cheese I thought…think simple with root

Please stop rebooting the freaking box! So annoying!

i dont know if that was me or not but i tried rebooting it and never saw it go down? do you know if/why the r----- shell exploit stopped working (maybe just for me?)

got the shell but not able to get privilege it , any help

Need help getting the shell. Any help would be appreciated.

Finally, got a root privilege. Straightforward box.
Everybody knows enumeration is key, but I have missed and stuck in rabbit hole.
I generally use ‘nmap -sC -sV’ options, but do we always have to use nmap deep scan at the first stage? Once we investigated few vulnerabilities against unusual services, then following processes were similar to Traverxec. If anyone still in the cloud,message me. :slight_smile:

Just got root before I got user.Pretty weird but an awesome experience…
Only learnt a lot on the initial foothold really,root was just a very well documented CVE.

Feel free to pm for nudges.

Got root, finally…

Initial shell: was much fun and I learned to use r**** allot better.

User:
Got stuck on simple enumeration, just keep it simple after initial shell and look where you normally also look.

Root:
Well… Not much to say. Root is a giveaway on this box.

If you need a nudge, PM me.

Rooted ! Nice box :slight_smile:
thanks for hints @N0tAC0p

Initial shell…
Well enumerate hard…!
User shell…
Check juice file
Root shell…
check what you have enumerated at the beginning…!

Hey all,
A nudge pls. I can see and connect to r****. cant upload due to read-only

Type your comment> @EphemeralCodex said:

Hey all,
A nudge pls. I can see and connect to r****. cant upload due to read-only

There is a command that can set the writable mode again.