OpenAdmin

Stuck so I got to j****a and now trying to use ***o to get ***t access. It keeps asking for password? I must be missing something can get the GTFO bin file to spawn me a shell but the password prompt stops me from getting what i really need it to do.

Type your comment> @magrene said:

Stuck so I got to j****a and now trying to use ***o to get ***t access. It keeps asking for password? I must be missing something can get the GTFO bin file to spawn me a shell but the password prompt stops me from getting what i really need it to do.

There is a command, that shows you what and where exactly you can run with sudo without being prompted for a password.

Type your comment> @RaNa said:

Type your comment> @khalid said:

(Quote)
Same Here, can some one give a nudge on root user.

I had the same problem. Tried to figured out why. I dropped a shell through il , not through s. I was in as ja, got user flag, but s*** -* simple didn’t come back with anything useful for privesc like others were talking about, like Gb. Once I changed method and logged in with S* creds it worked and saw what others were talking about. After this, easily rooted
Thx beemo123 for previous help.

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

Type your comment> @Nebr0s said:

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

yeah i use curl+url+port with the creds but it seems not working

EDIT: im dumb, it works

Type your comment> @Meise said:

Type your comment> @Nebr0s said:

Type your comment> @Meise said:

someone can give me a hint in that curly thing? maybe i don’t know the syntax, i tryied the door, even the window, but i can’t enter.

I used the command: curl URL

yeah i use curl+url+port with the creds but it seems not working

I curled as user1 locally on the target without creds, just curl url.

for god’s sake stop deleting the directory !!!

Spoiler Removed

can someone help me, I’m in the index.php folder, what should I do now?, someone could help me, I’m lost, I have ssh j … @ 10.10.10.171: $
can anybody help me ?

found priv*** k** in local system via curl but it is not working at all while parsing to ssh and john any nudge?

Just finished them machine. This was my first active machine. Put about 8 hours in total into the machine. Along the way I learned a lot and really enjoyed every step. PM me if you have any questions!

Spoiler Removed

since when is there a login form with the title Tutorialspoint?

got user.txt without having access to jo*a account :stuck_out_tongue: , but access is required to get root. Is the key that mn.php returns valid?

Type your comment> @kkaz said:

@neoconfig said:
can someone help me, I’m in the index.php folder, what should I do now?, someone could help me, I’m lost, I have ssh j … @ 10.10.10.171: $
can anybody help me ?

use curl on this with ji*** creds, run curl again but this time on m**n.php you will get the thing.
I am stuck after getting thing

I am at the same point. I have managed to use curl to obtain the interesting file however whenever I try to use this for user2 it doesn’t work. Not sure if I need something extra or an issue with the box, any advice or a nudge would be great.

Type your comment> @kkaz said:

got user.txt without having access to jo*a account :stuck_out_tongue: , but access is required to get root. Is the key that mn.php returns valid?

Ask John should be give you confirmation.

@kkaz said:

found priv*** k** in local system via curl but it is not working at all while parsing to ssh and john any nudge?

John has a helper app for this.

@JDR0x7CC said:

Type your comment> @kkaz said:

@neoconfig said:
can someone help me, I’m in the index.php folder, what should I do now?, someone could help me, I’m lost, I have ssh j … @ 10.10.10.171: $
can anybody help me ?

use curl on this with ji*** creds, run curl again but this time on m**n.php you will get the thing.
I am stuck after getting thing

I am at the same point. I have managed to use curl to obtain the interesting file however whenever I try to use this for user2 it doesn’t work. Not sure if I need something extra or an issue with the box, any advice or a nudge would be great.

The thing should work. You might need to do some other things to it to get the extra bit you need to make it work.

Finally got root. For me some parts of this box were more difficult than Bitlab. Thanks to @IAMTH3G33K17 @0xPloit I learned something new. And thanks to @gunroot I learned that I already had pass for user1 two days ago

Question. Are new, free, easy boxes always like that? Everything lagging, people bruteforcing ssh, broadcasting in the terminal?