Traverxec

This box was fun. Enumeration is the KEY. I always laugh when I read that, it’s like saying ‘getting root.txt is the key’ haha. I get it, and agree… just think it’s funny. Anyone need help, hit me up.

Help me.

I found user: hash

I can’t break.

@fbr0 said:

Help me.

I found user: hash

I can’t break.

The user hash should break under john.

@n0r3m0rs3 said:

Anyone can help me?
I’m stuck, I can’t go on with the root user.
I find s****-s****.sh, which contains an interesting command.
Gt***s is not my friend :neutral:

Think about how the bins work. For me, the easiest way was to make sure the console window was small enough it triggered the issue. If it just displays and exits, you can’t GTFO in the manner described.

@mrZapp said:

Hi guys,

Still a bit stuck with root. Just read through this thread a bit.

But somehow I don’t get the dots connected.

I currently work as d … with a s … - s … sh file. Which I think I work with the right command. When I change subtle things, it sometimes asks for a password, so this depends on what is being changed. Okay good information to have, but I miss the last bit. Also with GTFO I don’t get much further.

Would you like to take a look at where I’m going in the ship?

Thanks a lot in advance

Chances are, the size of your console window matters here.

@TazWake said:

@fbr0 said:

Help me.

I found user: hash

I can’t break.

The user hash should break under john.

I’ve tried many options from john.

I’m out of the way.

@fbr0 said:

I’ve tried many options from john.

I’m out of the way.

Ok, there isn’t much more I can offer then other than make sure you have an actual password hash.

@TazWake said:

@mrZapp said:

Hi guys,

Still a bit stuck with root. Just read through this thread a bit.

But somehow I don’t get the dots connected.

I currently work as d … with a s … - s … sh file. Which I think I work with the right command. When I change subtle things, it sometimes asks for a password, so this depends on what is being changed. Okay good information to have, but I miss the last bit. Also with GTFO I don’t get much further.

Would you like to take a look at where I’m going in the ship?

Thanks a lot in advance

Chances are, the size of your console window matters here.

You can also do this without the window size if it’s not working for you. There’s a few ways. Check out a quick article or YouTube vid on gtfobins in general. A little info and you can make this happen with small changes to the command.

Finally root!
Special thanks @BINtendo @IamKsNoob

Just rooted the box! I actually really liked this one. Required me to do a bit of research to understand how to exploit anything. It’s pretty straightforward if you’re willing to be patient and read a bit of documentation. PM for help.

Very Cool Box!

I learned a lot about web server administration on this one.

Initial Foothold: Something is susceptible.
User: Enumerate and read the man page, you should then see where someone would find a place to place their Protected File, one could even call it an Area for those items. Then call on Johnny boy to assist.
Root: GTFO Bins…and if you have issues…switch terminals.

Hello,
could you help me how to decrypt hash about .h*******?
John or hashcat says same thing: No hashes loaded.

Rooted

Hello,
could you help me how to decrypt hash about .h*******?
John or hashcat says same thing: No hashes loaded.

@bartounet said:

Hello,
could you help me how to decrypt hash about .h*******?
John or hashcat says same thing: No hashes loaded.

It should work with John. You can try to specify the format or try with John the Ripper jumbo (openwall/john on GitHub).

Having an issue with the exploit shell script… PM me if you can help!

EDIT
I gave up on the manual exploit and just used the Metasploit module.

@LMAY75 pm me if you still need

Lol this box is gonna make me kms I can’t find the “interesting file” after the initial foothold to save my life. Any help would be appreciated.

EDIT
I got it thanks for the help @IamKsNoob

@LMAY75 said:

Lol this box is gonna make me kms I can’t find the “interesting file” after the initial foothold to save my life. Any help would be appreciated.

Really not sure where you are, but in very general terms use of ls and cat to read files is a good approach here.

Assuming you are w*******a you can read some conf files in the path of the webserver. They contain loot.

crikey… spent 2 days banging my head against the wall to get user, and only 10 mins further to get root. I need a lie down.