Traceback

@thescriptkiddy said:

can someone plzz give me nudge on root…

Enumeration.

And SSH can trigger things.

Type your comment> @TazWake said:

@thescriptkiddy said:

can someone plzz give me nudge on root…

Enumeration.

And SSH can trigger things.

ik bout 00-h***er but still i dont know what to do :confused:

@thescriptkiddy said:

ik bout 00-h***er but still i dont know what to do :confused:

Well, in very general terms - make it suit your needs, then get it to trigger.

People are really messing up the box… They’re deleting luvit ?

Type your comment> @spowlay said:

People are really messing up the box… They’re deleting luvit ?

yea. There was a group of people deleating it earlier and then blocking resets. Most of the vip labs are ok. Idk about the free ones

Just rooted the box! User was quite fun and easy. Root was challenging for me, but thanks to some nudges from @ChefByzen I was finally able to get root! Learned a lot of new things doing this machine!

  • Foothold: Enumerate everything you see and don’t only rely on tools, but also follow some hints manually.
  • User: Once you’re on the machine, there’s a tool available on the machine that you might want to use. Hints for that can be found were you’ll probaly look anyway to own user.
  • Root: Enumerate the machine and try to understand the processes that run on it. Great tools for that have already been named here in the thread. Find a way to exploit these processes - to do that, you should find a way to go into the box from the front door, instead of the back door.

finally rooted, thanks a lot for pointing to the right direction @HomeSen !!! Nice box , root needs to play with the sleeping time for system

I just redid the machine after the patches and still so funny how everyone tries to upload his own rshell xD

little hint because a lot are stuck at the part with the new language:

you can use gtfo for more than only root…
… and if the first command doesnt work maybe you didn’t try hard enough!

So many people uploading shells, and deleting files. :smiley:

EDIT - Got user - cheers @h3105 . Working on root. :wink:

My tip for user… some processes don’t work so well running non-interactive

A short & enjoyable box. - Nice one Xh4H

Easy but funny box, thanks @Xh4H

Got root. Box needed to be reset as someone messed with the files again…

Cheers to @nyckelharpa for the pointers

got syin user, ran py , aware of 00-h*, and have no idea how yo advance from here.

need help pls :frowning:

Rooted, fun box !

Anyone can give me a hint on root privilege escalation?

I’m open and online atm if you need pointers.
PM me with where you are up to and we can chat!

Type your comment> @sakas4 said:

Type your comment> @Big7asty said:

@DrayAgha @sakas4
On the right path, sudo --help is all you need to get there.
Thank you @Ursa

I rly tried everything.

It doesnt work.
try sudo -l

Having how to own user change after coming back after a couple days break was SUPER annoying; I thought some asshole kept removing the necessary file after resets. So if you were working on this a few days back and are thinking people are deleting things, they might be, but they also may have moved things around on you.

Otherwise it was a fun box and I learned a good bit. Thanks!

Type your comment> @53c0nd2473 said:

Having how to own user change after coming back after a couple days break was SUPER annoying; I thought some asshole kept removing the necessary file after resets. So if you were working on this a few days back and are thinking people are deleting things, they might be, but they also may have moved things around on you.

Otherwise it was a fun box and I learned a good bit. Thanks!

Well this doesn‘t really matter. U actually always can see where this certain file is located, otherwise you wouldnt be able to run it as you do.

@h3105 said:

@53c0nd2473 said:
Having how to own user change after coming back after a couple days break was SUPER annoying; I thought some asshole kept removing the necessary file after resets. So if you were working on this a few days back and are thinking people are deleting things, they might be, but they also may have moved things around on you.

Otherwise it was a fun box and I learned a good bit. Thanks!

Well this doesn‘t really matter. U actually always can see where this certain file is located, otherwise you wouldnt be able to run it as you do.

Well, the problem is that, due to the constant resets, people tend to script their way through the initial foothold. And those scripts will now always fail :wink: