I’m so close, and so annoyed. Can’t root via d***** , as I’m 32 and not 64. 2 days of my life I wish I’d spent elsewhere! If anyone knows an unintended method, I’d appreciate a nudge over PM as I can’t do it the intended way(unless I’m missing something?)
Edit - Now done. Definitely don’t look at this if you running the Kali OSCP exam VM as your base.
Need someone to kindly give me a nudge, I’m running the d***** im*** and I can see that I can ssh to the remote box but I can’t seem to crack the passphrase for the ssh key?
edit2: rooted, but i think someone had borked the box a bit, had to reset it before i could do my exploit to pivot to second user, that was a really fun box
Done, not convinced that the ‘protection’ around user2 is that true to life. I think that most installs would instead use immutable data rather than overwrite. BUt that would make this even more difficult then
Right… got the root shell. The way to it is not far from the root flag.
However is the user1 --(b***t-C*S)--> user2 the intended way? There is this lack luster protection in place, that was pretty easy to get around. Not sure if that was intentionally easy to get around of if that’s not the intended way.