Inception

One of anyone else’s favorite machines so far?

This box seems to be quite difficult. I have found a way to access two different services that require a login and I have been able to read files from the server. Yet, I haven’t been able to execute code and I haven’t been able to find any credentials either of the services. Found some useless credentials, which I assume won’t be needed for anything. I wrote a small Python script to try out the “obvious” user/pass combinations, but didn’t get anywhere.

I don’t quite understand how reading more about “configs” will help me :anguished: Perhaps I’m missing something crucial.

Finally found the “credentials”. I actually wrote a small Python script to find it, but I suck at this enumeration thing apparently. Now the rest should be relatively straightforward I hope.

Errare humanum est! It wasn’t straightforward! Well, I know what to do during the night as I have some “leads”. It seems I must go deeper!

I really like this machine, though it’s certainly not easy to crack. (At least not easy with my limited skills.) Please don’t retire this machine :+1:

I’m root, but the root flag is … wtf. :dizzy:

I found creds, by following the path stated on one config file and as far as I see it is encrypted. John is not helping me to crack it, any clues?

I think the creds should be easy to crack. Did you make a mistake somewhere?

I have the same problem here, I found credentials but I cant seem to be able to crack them with John. As far as I can tell I did not make mistake and I am trying to access a specific directory. Any clues? :frowning:

Hi. Read through all posts and confused. so found a way to read some files from box after doing something. can see also 2 ports open, one which would be usual way in but creds I have found from usual file cannot be right, only two users? saw other comments saying no creds needed so off down rabbit hole I went! it would make sense if usual file had user info and I could find creds for user to do usual thing for first foothold. Sorry sounds like jibberish, but those who have done will know.
Am I supposed to find creds using the method I am using or find another exploit to initiate a shell? anyone want to PM and I can explain what I have done so far.

so with a little more experimenting I see my files are being truncated. using this method of reading files isn’t working. please PM me - I need help (yep in more ways than one).

@adyd said:
so with a little more experimenting I see my files are being truncated. using this method of reading files isn’t working. please PM me - I need help (yep in more ways than one).

same here, stuck with that :confused:

ah. I can read all the file.

anyone offer any help finding that directory which prompts for creds, please PM me.

Well I found the creds so I might be able to help you,
BUT I can’t crack them with john so they are useless to me :frowning:

Any hints on how to catch the train?

@Greenou said:
Well I found the creds so I might be able to help you,
BUT I can’t crack them with john so they are useless to me :frowning:

you can crack it with your friend jhon, just must know wich type of hash is

ok know I have asked for help before. I am no newbee. got root , wtf am I do do with the file? nothing makes sense? please help!! PM me please,.

Really, need some help please

talking about root.txt here. really after all this left with a riddle? help me please.

@adyd said:
talking about root.txt here. really after all this left with a riddle? help me please.

Having the same problem about the root.txt