Finally got root.
My tips:
- get a good foothold;
- learn how to use rā¦ when u find it;
- u dont need the u*** at allā¦ only to get the hash for it.
Finally got root.
My tips:
pwnd
Please reset this box , looks like a team has modified the permissions
Rooted
initial: enum and see how the unprotected service can be abused (try kali cookbook)
user: permissions are important while creating backups
root: just run the module (dont forget ssl)
PM if you need hints
Hello
I got the intial shell, tring to get user.
i found a file i*_***.**k, and when i tried to connect to ssh i get :
Connection closed by 10.10.10.160 port 22.
is what im doing wrong, or something wrong with the machine(cant reset it)?
Type your comment> @Awby said:
Hello
I got the intial shell, tring to get user.
i found a file i*_***.**k, and when i tried to connect to ssh i get :
Connection closed by 10.10.10.160 port 22.
is what im doing wrong, or something wrong with the machine(cant reset it)?
Everything is OK both with you and with the machine.
iām trying this one as my first boxā¦ wish me gl!
Hey,
New user here.
I managed to get a shell via S** with r**** and found the i*_***.**k .
However i did not manage to decrypt itā¦ i think i miss the essential knowledge and toolā¦
I am glad for any nudge.
Spoiler Removed
Type your comment> @ghost5egy said:
READONLY You canāt write against a read only slave.
I got this message when trying to exploit ***
please edit your messageā¦
Type your comment> @blackdev1l said:
Type your comment> @ghost5egy said:
(Quote)
please edit your messageā¦
Why?
Type your comment> @ghost5egy said:
Type your comment> @blackdev1l said:
Type your comment> @ghost5egy said:
(Quote)
please edit your messageā¦Why?
itās a spoiler.
I know that you have to exploit r***s, but I canāt get the scripts to work. Iāve pulled up a few automated scripts and they just ask for the ssh password. Can anyone give me a nudge? btw I used scripts from Kali Cookbook.
Can someone PM me, please? I have trouble getting the shellā¦ I know what I have to do, but Iām doing something wrong and donāt know what is it
~~I can not figure this out. Second box ever but I know where I want to go, Iāve found several exploits but they donāt work because the M****** command is missing from r**** and at least 2 articles detailing different manual/semi manual ways to get there but nothing is working. One of the ways Iāve tried is to upload ssh keys to a certain users directory through r**** but when I try to use them to connect it keeps telling me my key is wrong. ~~
Any nudges or help would be appreciated because after a whole day on this I donāt think Iām getting further as it is.
Edit: I am so unbelievably silly. Lesson learned. Take breaks.
Finally did it, rooted! Was missing the obvious, so annoying when that happens. Still, great box, really enjoyed the journey, thanks @TheCyberGeek
Hey,
Which one could give me a clue about the u******* to use for S** when I injected my k** via R***s?
Iāve been blocking for a week nowā¦
EDIT : Okā¦ now itās work i donāt know how ā¦
EDIT : ā ā ā ā me i m so tard ā¦
EDIT : Rootedā¦
Could anyone reset the machine? It says Iāve reached the limit for today. I owned user and cannot get access anymore now due to someone breaking r***s.
rooted
I didnāt manage to get the m thing to run for root so I crafted my own h***-r******. Maybe someone wants to share their way via PM? I never use the m thing, because it never works for me. Maybe there is something wrong with my installation?
Cheers!
Rooted! Thank you for all the support!
Thereās really plenty of information to solve this challenge in the comments. Probably too much.
What took me so much time was the inconsistency of the āmagic valueā youāre able to retrieve.
It doesnāt work for the most obvious thing youād think it works, you need a workaround but that in the end isnāt even necessary.
Then, thereās a service that you could not exploit before but now you can, however the āmagic valueā wasnāt working for me and I tried it multiple times. So I just left it as is and tried other paths.
In the end Iām happy with the experience, happy with my first hacked box, however I also lost too much time on really trivial things