OpenAdmin

Rooted! Very good box. I have learned a lot. The hints here more than enough for you to solve. However, you have to feel pain along the way it is best way for learning. :slight_smile:

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

Which user are you running as?

Been stuck for the past few hours on getting the second user. So I am currently in j**** trying to get access to ja. Found the interesting thing in the il folder w/ the i**.p* files. I think I understand what those files are supposed to be doing but I do not understand how to make use of them. Found the password in one but haven’t made any progress since then.

Type your comment> @3ken45 said:

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

Which user are you running as?

j****a

Type your comment> @RaNa said:

Type your comment> @3ken45 said:

(Quote)
j****a

Then you are on the right user, and it should work…

Try resetting the machine. Also check the uid of the users in passwd to ensure no one tampered with that file.

Rooted! Definitely helps if you don’t stay in a reverse shell for user2. Thanks @IvanGlinkin for the hint!

Type your comment> @Nebr0s said:

Hey guys, I am pretty stuck atm. I get a user2-shell by putting something somewhere and calling it. But it’s unprivileged and no way to alter it. So the interesting commands don’t work. I tried many payloads i know and from msfv.

Ohter’s point towards the thing you get from somewhere, which I processed the usual way but it keeps asking for another password. Afaik that means it didn’t really work.

Can you give me a hint?

I kind of answered that question myself :wink:

Thanks for the box!

Rooted.
Foothold definitely takes more than the rest, but once you get in everything is very straightforward.
as a side note: much of the difficulties I encountered were due to the stains of sticky fingers left here and there by others…
Please, remove your own artifacts from the boxes once you’re done, and avoid messing up the actual files, thanks!

Need help with the curl part currently stuck with i**l as j*y.

Disregard I figured it out. :stuck_out_tongue:

@Cyb3rS41n7 said:

Need help with the curl part currently stuck with i**l as j*y.

Disregard I figured it out. :stuck_out_tongue:

I’m stuck there too any tips?

Type your comment> @magrene said:

@Cyb3rS41n7 said:

Need help with the curl part currently stuck with i**l as j*y.

Disregard I figured it out. :stuck_out_tongue:

I’m stuck there too any tips?

PM sent

I have a shell as the first user and found the i******l dir as well as what I should be doing. But I’m having trouble with the body of the POST request. Should I be looking to crack the str in the file? Had no luck with rock. :confused:

any tips/nudges; am I on the right track?

EDIT: I’m a big dumb. Rooted! Let me know if you need any help :slight_smile:

Can someone PM me, I am at the very end as Ja and at GTFO i know what to use to get the interactive shell. I run it but still says i am Ja and no root permissions. Can someone who completed it double check for me? just need to see if im doing everything right or missing something. Thank you.

deleted

Type your comment> @tony201 said:

Can someone PM me, I am at the very end as Ja and at GTFO i know what to use to get the interactive shell. I run it but still says i am Ja and no root permissions. Can someone who completed it double check for me? just need to see if im doing everything right or missing something. Thank you.

@tony201 pm me if you still need.

Type your comment> @LMAY75 said:

Who can help with using john… don’t think ive actually ever used it before lol

google

I have ja pass but every time i try to use it i have wrong pass, is it b******a really?
i got the user flag, but i cant have user 2 shell, i’m trying to get root without user2

Why would anyone change the permissions of i*******l folder? I swear yesterday I had access, but now r is not there.

Rooted!
What a fun box! Some spots were tricky for me as a new person, others where not too bad!

Initial:
Do your enumeration. Something should stick out. Google is your friend. Once you find what you need, read it carefully and understand how it works. It isn’t a simple point and click. What is the program asking for?
User1:
Got a shell but it kind of sucks? As long as it navigates and can read things, it’s all you’ll need. Look around where you are and start reading files. You should eventually find something interesting. Users are lazy after all.
User2:
Did you find something interesting in that sucky shell that you couldn’t read? Maybe have another look. Start asking questions and figuring things out. some forward thinking is helpful here.
Root:
Do the usual stuff when privilege escalating. Something should stick out. Now would be a good time to GTFO :wink:

Hopefully that helps my fellow strugglers and isn’t too spoilery.

Thank you so much @emmycat and @1xWiZARD you guys were extremely helpful and I learned a whole bunch of new things today. Definitely an enjoyable learning experience.

I still not found how to use the downloaded exploits (4****.rb , 4****.sh) to get access to the server . Anyone please give me a nudge.