Book

Managed to get the admin account.

Any hint on the pdf collection?

The box was really fun and tough PM me for help

Type your comment> @Khecari said:

Managed to get the admin account.

Any hint on the pdf collection?

Think about what you can see in the at pdf based on what you did as a low priv user.

@sparkla said:

Reset the box, still not working - either some dude is hammering the register with a script to secure his own access or something broke… Does it still work for you guys?

Bear in mind, everyone who attacks the box will (eventually) change the password so your password won’t work.

If you’ve left it for any period of time, or the box has reset, you need to re-exploit the first bit again.

Server are too slow

can i ask something regarding to root? im waiting lets say for ever, for the l… r…e to get shell , its normal??

Ok, so now i’m at the point where i found a pub and private key, but they say they’re the wrong format?? i think the pub is too short, trying different editors to see the whole key…

Found the full public key, still wont work…

Type your comment> @lucaswebb24 said:

Found the full public key, still wont work…

the pub key of course don’t work…

I could need some help for root. I don’t notice anything unusual, what should I be looking for?

@kalitkd said:

can i ask something regarding to root? im waiting lets say for ever, for the l… r…e to get shell , its normal??

No. You may need to edit the target file.

Spoiler Removed

Rooted ! Challenging box. I don’t want to spoil, so this is the helpful comments in my opinion:

User part1: Last comment of @embranco on page 4.
User part2: Discussion of @lucaswebb24 and @TazWake on page 8.
User part 2.1: Comment of @syn4ps on page 5.

Root: Comment of @zaphoxx page 5.

PM for help!

Please stop DOSing the machine. It’s not gonna get you anywhere and you’re ruining the experience for everyone.

edit: Totally unusable. Other boxes work fine. Gonna do something else and hopefully the person doing this will reevaluate his actions.

afther two days rotating my head with the root process…

root@book:~# id
id
uid=0(root) gid=0(root) groups=0(root)
root@book:~#
root@book:~# cat root.txt
cat root.txt
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
root@book:~#

@sparkla said:

Happy when I found out same old exploit worked all the time, just other users got in the way…

But: I got the private key, unable to get it into the right format, tried various bash tools and graphics design software to extract the text from PDF - invalid format. The key looks good otherwise, header and footer intact.

The page width might be cutting off bits.

got user. Thanks for all the hints!

Type your comment> @sparkla said:

Type your comment> @TazWake said:

@sparkla said:

Happy when I found out same old exploit worked all the time, just other users got in the way…

But: I got the private key, unable to get it into the right format, tried various bash tools and graphics design software to extract the text from PDF - invalid format. The key looks good otherwise, header and footer intact.

The page width might be cutting off bits.

Yes I noticed that right away. That why I tried multiple tools, but linebraks and blank spaces are messed up. Which tool did you use? I tried pdf2text and Affinity Photo, Okular & Foxit PDF

you dont need any software for that… <"pre+…

Struggling with root, been looking for odd services all day, nothing is sticking out like a sore thumb

Removed