Postman

Another hint - you don’t need metasploit for a foothold. Just look at the CONFIG for the service you find and then look for ways to manipulate it.

Finally done. Still wondering what the txt file in the users Home dir was for.
thanks @inetshell

Finally got root.
My tips:

  • get a good foothold;
  • learn how to use r… when u find it;
  • u dont need the u*** at all… only to get the hash for it.

pwnd

Please reset this box , looks like a team has modified the permissions

Rooted

initial: enum and see how the unprotected service can be abused (try kali cookbook)
user: permissions are important while creating backups
root: just run the module (dont forget ssl)

PM if you need hints

Hello
I got the intial shell, tring to get user.
i found a file i*_***.**k, and when i tried to connect to ssh i get :
Connection closed by 10.10.10.160 port 22.
is what im doing wrong, or something wrong with the machine(cant reset it)?

Type your comment> @Awby said:

Hello
I got the intial shell, tring to get user.
i found a file i*_***.**k, and when i tried to connect to ssh i get :
Connection closed by 10.10.10.160 port 22.
is what im doing wrong, or something wrong with the machine(cant reset it)?

Everything is OK both with you and with the machine. :slight_smile:

i’m trying this one as my first box… wish me gl!

Hey,
New user here.

I managed to get a shell via S** with r**** and found the i*_***.**k .
However i did not manage to decrypt it… i think i miss the essential knowledge and tool…
I am glad for any nudge.

Spoiler Removed

Type your comment> @ghost5egy said:

READONLY You can’t write against a read only slave.
I got this message when trying to exploit ***

please edit your message…

Type your comment> @blackdev1l said:

Type your comment> @ghost5egy said:

(Quote)
please edit your message…

Why?

Type your comment> @ghost5egy said:

Type your comment> @blackdev1l said:

Type your comment> @ghost5egy said:

(Quote)
please edit your message…

Why?

it’s a spoiler.

I know that you have to exploit r***s, but I can’t get the scripts to work. I’ve pulled up a few automated scripts and they just ask for the ssh password. Can anyone give me a nudge? btw I used scripts from Kali Cookbook.

Can someone PM me, please? I have trouble getting the shell… I know what I have to do, but I’m doing something wrong and don’t know what is it

~~I can not figure this out. Second box ever but I know where I want to go, I’ve found several exploits but they don’t work because the M****** command is missing from r**** and at least 2 articles detailing different manual/semi manual ways to get there but nothing is working. One of the ways I’ve tried is to upload ssh keys to a certain users directory through r**** but when I try to use them to connect it keeps telling me my key is wrong. ~~

Any nudges or help would be appreciated because after a whole day on this I don’t think I’m getting further as it is.

Edit: I am so unbelievably silly. Lesson learned. Take breaks.

Finally did it, rooted! Was missing the obvious, so annoying when that happens. Still, great box, really enjoyed the journey, thanks @TheCyberGeek

Hey,
Which one could give me a clue about the u******* to use for S** when I injected my k** via R***s?

I’ve been blocking for a week now…

EDIT : Ok… now it’s work i don’t know how …

EDIT : ■■■■ me i m so tard …

EDIT : Rooted…

Could anyone reset the machine? It says I’ve reached the limit for today. I owned user and cannot get access anymore now due to someone breaking r***s.