PM for nuggets
got the shell but need some help for the user
Rooted intended way, user and root. Great box for beginners, enumeration and a keen eye is required.
Thanks to @conan for the nudge for user.
PM for hints.
Initial: What vulnerable version is running?
User 1: How should you systematically search for enumerated details?
User 2: Is the strange directory accessible elsewhere?
Root: GTFObins
Very easy machine
User
- CVE
- Follow the trail of breadcrumbs
- crack and done
Root - did you remember that useless file?
wonder what the unintended route was. 11 min first blood… dang!
Got initial shell … traversed around with ls and cat. I found a couple of config files but only managed to get my*** credentials… but other than that I’m stuck. Anyone can give me a nudge? Thanks.
Type your comment> @idomino said:
rooted the intended way now as well, it was a fun easy box, now another week wait for a new one
Well done, ■■■■ your quick ?
How are y’all rooting this in 11min… yikes… i’m nearly an hour in and my nmap scan isn’t done…
I found the initial foothold… can someone PM how the heck it’s supposed to work? Just keeps giving me a $ sign and no shell. idk.
already on shell, but can’t acces directories with cd
Rooted, that was actually a pretty fun box. User was a bit more complicated than root.
foothold: /
user: if you find a pw try it, then do some curls
root: GTFO
i dont know where everybody found vulnerable version, ran directory searching found si*** , mu***, and ar***** but none is using any technology
yea… idk … I’ve read every line of every file you can get to in the www dir… there is no creds to be found.
and rooted!
Love this box, 99% user with a little initial foothold and a sharp root.
HMU for help!
Im interested in the unintended way to get root that is mentioned in some of the comments. A PM is very much appreciated.
Really nice box ! I’m available for hints in PM if needed
Spoiler Removed
@IamKsNoob I Pmed you