Got User!
Initial foothold was quite hard.
Now onto root.
I just wrote some code that got me a cookie, which I will use to bribe the executives into giving me a pointer onto the server. I may end up in jail doing so, but am I on the right track or am i taking the long way around?
I was told that this is one of the toughest non-retired machines on HTB? And 8 people still rooted it just today? Is the difficulty exaggerated, or did someone leak a walkthrough?
I would disregard this. It would appear there are some teams working together on the machine, and therefore information is likely to be passed around as a result. After some brief OSINT & digging, I also found a website online where people appear to be buying/selling machine flags (which comes as no surprise… however unfortunate it may be). Just ignore the people who choose to cheat and be confident working at your own pace, knowing you’ll be far better off than them in the long run!
Regarding your second comment about the cookie, I’m not sure I took the same route you did… Though I rooted this box quite a while ago, so it’s possible the method I used was either unintended or a completely different (usable) route. Either way, if you’re confused, feel free to PM and I can provide minor hints at the methods I used.
Probably the hardest user I’ve ever done, but well worth the effort. Thanks to @limbernie and @seekorswim for tips, and @verdienansein for working with me on it. Now onto root!
@verdienansein said:
For root l**c address needs to be bruteforced?
I haven’t even seen it, but I’d still say “no”, as it’s not really feasible unless the creator has made the effort to build from source with a weak config.
Happy 2020 everyone! Would someone care to give me some nudges towards the foothold? I have (most of?) the pieces I think, looking for the way forward.