OpenAdmin

Rooted easy machine. I used Metasploit for my initial attack. If anyone used the .sh script to gain attack, please let me know. I’m tried it so many times, still now clear. Thank you

Having trouble getting the ja account access. Would appreciate the nudge. I’ve checked the il directory and found the h*h but no further than that.

Got initial shell and read all files but don’t know how get user1 password. Any hint?

@ErUnix said:

Got initial shell and read all files but don’t know how get user1 password. Any hint?

Look around. Read interesting files (but ignore the millions of webshells people leave lying around)

Type your comment> @TazWake said:

@ErUnix said:

Got initial shell and read all files but don’t know how get user1 password. Any hint?

Look around. Read interesting files (but ignore the millions of webshells people leave lying around)

I know the name of user1 and user2 but dont know how to get access and continue :confused:

@ErUnix said:

I know the name of user1 and user2 but dont know how to get access and continue :confused:

Look around more. You can find the password for user1 if you have a methodological search of the files and folders around where you issue you remote commands.

Once you get passwords you can SSH in.

Got J* password from S**, got to the i****l dir and looked around. I know there’s something running in port 56 but cant seem to reach it by any means…tips?

guys stop bruteforcing port 22 you are not going to find that password no matter what wordlist u are using please!!!

Rooted.Nice box! THX!

aaand rooted. wow that was fun, thank you @dmw0ng !
my hints
foothold: CVE, straightforward
user1: enum the ■■■■ out of the files on the systems and grab all loot you find in them. never underestimate the power of the bad password habits.
user2: if you cannot go internal through a door, climb in the window :slight_smile:
root: too easy to give any hint, just look for the standard stuff :slight_smile:

greetings!

currently stuck on doing some curly things…getting some kind of key which i obviously should not be supposed to see, but dunno what to do with that. anyone got some advice? really appreciate it :slight_smile:

edit: rooted! managed to figure it out. seems to be a good one to get the fundamentals

Rooted ! Fun but easy box. Feel free to PM if needed

Stuck so I got to j****a and now trying to use ***o to get ***t access. It keeps asking for password? I must be missing something can get the GTFO bin file to spawn me a shell but the password prompt stops me from getting what i really need it to do.

Type your comment> @magrene said:

Stuck so I got to j****a and now trying to use ***o to get ***t access. It keeps asking for password? I must be missing something can get the GTFO bin file to spawn me a shell but the password prompt stops me from getting what i really need it to do.

There is a command, that shows you what and where exactly you can run with sudo without being prompted for a password.

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

I had the same problem. Tried to figured out why. I dropped a shell through il , not through s. I was in as ja, got user flag, but s*** -* simple didn’t come back with anything useful for privesc like others were talking about, like Gb. Once I changed method and logged in with S* creds it worked and saw what others were talking about. After this, easily rooted
Thx beemo123 for previous help.

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

Type your comment> @Nebr0s said:

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

yeah i use curl+url+port with the creds but it seems not working

EDIT: im dumb, it works

Type your comment> @Meise said:

Type your comment> @Nebr0s said:

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

yeah i use curl+url+port with the creds but it seems not working

I curled as user1 locally on the target without creds, just curl url.

for god’s sake stop deleting the directory !!!