OpenAdmin

Rooted!
Some clues:
user: enumerate. enumerate a lot. yeah, there are a lot of rabbit holes, but you’ll handle it.
root: simple prev esc. if you got the user, you are able to get the root. if not - try to use gtfobins)
anyway, if you have any troubles, PM me!!)

Anyone want to help me with script.sh ? It always displays $ sign ? i am doing something wrong ?

Type your comment> @khalid said:

Hello guys
now i managed to get the second user, and i’m trying to get root
when i try to run SU** -* command it gives me this error:
****: PERM_ROOT: setresuid(0 , -1 , -1): Operation not permitted
****: unable to initialize policy plugin
, any idea?
please help

Same Here, can some one give a nudge on root user.

Type your comment> @fooforce said:

Anyone want to help me with script.sh ? It always displays $ sign ? i am doing something wrong ?

If the script does not work try running the commands line by line in a terminal.

Don’t be fooled by the $ sign though. Its not a Shell you get when it works, more of a remote command execution.

Hey guys, I am pretty stuck atm. I get a user2-shell by putting something somewhere and calling it. But it’s unprivileged and no way to alter it. So the interesting commands don’t work. I tried many payloads i know and from msfv.

Ohter’s point towards the thing you get from somewhere, which I processed the usual way but it keeps asking for another password. Afaik that means it didn’t really work.

Can you give me a hint?

Rooted! Very good box. I have learned a lot. The hints here more than enough for you to solve. However, you have to feel pain along the way it is best way for learning. :slight_smile:

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

Which user are you running as?

Been stuck for the past few hours on getting the second user. So I am currently in j**** trying to get access to ja. Found the interesting thing in the il folder w/ the i**.p* files. I think I understand what those files are supposed to be doing but I do not understand how to make use of them. Found the password in one but haven’t made any progress since then.

Type your comment> @3ken45 said:

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

Which user are you running as?

j****a

Type your comment> @RaNa said:

Type your comment> @3ken45 said:

(Quote)
j****a

Then you are on the right user, and it should work…

Try resetting the machine. Also check the uid of the users in passwd to ensure no one tampered with that file.

Rooted! Definitely helps if you don’t stay in a reverse shell for user2. Thanks @IvanGlinkin for the hint!

Type your comment> @Nebr0s said:

Hey guys, I am pretty stuck atm. I get a user2-shell by putting something somewhere and calling it. But it’s unprivileged and no way to alter it. So the interesting commands don’t work. I tried many payloads i know and from msfv.

Ohter’s point towards the thing you get from somewhere, which I processed the usual way but it keeps asking for another password. Afaik that means it didn’t really work.

Can you give me a hint?

I kind of answered that question myself :wink:

Thanks for the box!

Rooted.
Foothold definitely takes more than the rest, but once you get in everything is very straightforward.
as a side note: much of the difficulties I encountered were due to the stains of sticky fingers left here and there by others…
Please, remove your own artifacts from the boxes once you’re done, and avoid messing up the actual files, thanks!

Need help with the curl part currently stuck with i**l as j*y.

Disregard I figured it out. :stuck_out_tongue:

@Cyb3rS41n7 said:

Need help with the curl part currently stuck with i**l as j*y.

Disregard I figured it out. :stuck_out_tongue:

I’m stuck there too any tips?

Type your comment> @magrene said:

@Cyb3rS41n7 said:

Need help with the curl part currently stuck with i**l as j*y.

Disregard I figured it out. :stuck_out_tongue:

I’m stuck there too any tips?

PM sent

I have a shell as the first user and found the i******l dir as well as what I should be doing. But I’m having trouble with the body of the POST request. Should I be looking to crack the str in the file? Had no luck with rock. :confused:

any tips/nudges; am I on the right track?

EDIT: I’m a big dumb. Rooted! Let me know if you need any help :slight_smile:

Can someone PM me, I am at the very end as Ja and at GTFO i know what to use to get the interactive shell. I run it but still says i am Ja and no root permissions. Can someone who completed it double check for me? just need to see if im doing everything right or missing something. Thank you.

deleted

Type your comment> @tony201 said:

Can someone PM me, I am at the very end as Ja and at GTFO i know what to use to get the interactive shell. I run it but still says i am Ja and no root permissions. Can someone who completed it double check for me? just need to see if im doing everything right or missing something. Thank you.

@tony201 pm me if you still need.