Any DMās on this would be a great help for foothold. Used R*****-I and followed well published documents online regarding keys. Also found an exploit that gives me access with a shell prompt, however, no basic commands return anything. Do I have to go back to the c? This defults to the tmp dir after bouncing the box.
I managed to get the unprivileged shell with r****-i. I eventually got disconnected. Now I cannot get again that shell using the same technique. Has anything changed on r**?
Iām just wondering if someone could DM me. I donāt want any answers but Iām a NOOB and could really use someone to just get me off the ground. I understand if Iām out of line asking
Nice box! Getting the initial shell was a challenge but I believe that was due to the unfamiliarity with R****. After researching and playing around with R****, I found the directory to inject a certain file in order to get in. If you are unsure of what I am referring to, there is a cookbook you can read that will talk about this.
After getting in, I noticed juicy loot and ran my pal J*** against it, but came up short when I attempted to connect as our friend M***. I read the config file for the service and found out why. Darn!
Since my pal did his job well, I now have access to a certain interface thatās running on a high port. Maybe that will work?
If you are successful - you will notice our friend only has access to a very limited selection of tools. However, one of them is exploitable. That might be why this box was rated very CVE heavy? Have a look around and see if you can find a certain repo on GitHub? Maybe one that is for OSCPs since a certain framework is banned?
i finally got root. this was my first hack. still feel like a total noob, but pretty stoked. still curious to know why the one manual exploit i was using that i found via g* worked initially, but then the next day and beyond i wasnt able to connect with it anymore.
Iām a beginner here and having problems with timeouts, the box seems to be down more than it is up. From the scanned ports, not found any way to use the lowest, found the interface on the highest and have had some success with the service on the second highest port found, but not got a user or root shell yet. Timeouts are killing my progress, not sure if things I am trying are not working or just timing out. I am reluctant as a noob to reset the box or try anything that will change it for those coming after me.
Does becoming a vip improve the situation with timeouts? Iām considering it anyway for the walk throughs.
Rooted.
Really fun and relaxing box. Initial foodhold is the hardest part. User ā Root is really easy.
Foothold: Enumerate. Youāll find something exploitable, but no exploits in the wild work. So read them, understand then. Try to exploit manually. Study exactly the service youāre exploiting. When you put 2 and 2 together, youāll get it.
User: Basic enumeration and a well known script.
Root: Basic enumeration at step 1
Initial Foothole was really hard for me, never worked with r***s, but learned a lot.
After that initial foothole to root in 30min.
Used the metasploit way, maybe someone can let me know how to do it without it.
Does becoming a vip improve the situation with timeouts? Iām considering it anyway for the walk throughs.
Yes. unironically got VIP for this box, made the same experience as you. I had the Box for me and no sciddis were hammering it with automated scanners, it was beautiful.
Foothold: Enumerating, using a client, dropping a key.
User: Enumerating and cracking a backup.
Thanks! Have upgraded myself to VIP and it is beautiful! I can actually do stuff and the box looks pristine so far. Thanks for the tips as well.