Multimaster

I just got user.

Was very tough but was worth it. A lot of manual work. I will not give you nudges because the exploitation is awesome and we should struggle.

For the initial users, yes, I can give a good article which can help for the overall exploit.
But finding the real user was insane and beautiful :)
I struggled so much but when I found it I was super proud of myself. Was so so cool …

Now onto root … Let's see if I will struggle again :smiley: most probably yes :)

BIG THANKS @egre55 and @MinatoTW for this amazing box.

If you have trouble smelling what the Rock is cooking, you can try to Google for “hash brown analysis online”. It’s not what you think it is.

To correct myself so that I don't sound so bad b**** :slight_smile:
For the next user I can also provide reading material.

mariab

ROOTED. I found root way easier than the initial foothold. Of course there was a bit of hopping through users here as well :)

EDIT: it seems I skipped a step through lateral movement :) but will go back and try to do as intended

I guess I need a nudge for root :confused: anyone willing to throw a nugget?

The path to user was one of the most awesome ones I have seen among the machines published.
Thanks @egre55 and @MinatoTW for creating the amazing challenge.

Stuck on root now for 2-3 days, went deep into 2 possible scenarios but couldn’t quite get them working.

If anyone is willing to provide me a small nudge, I would highly appreciate it :slight_smile:

Quick sanity check… got 4 unique hashes but can only crack 3 of them. Should I be able to get all 4?

No, you need to find a user that can log in with a password. But first you need to find that user, which is another moment of struggle :)

@velocicat

No, you need to find a user that can log in with a password. But first you need to find that user, which is another moment of struggle :)
Also, for that user you need to go back and search again.

Finally rooted and I want to once again say:

This was the best machine I’ve ever done on this site, massive props to the creators!

Finally got user! On to root…Great box so far! Thanks to everyone for the nudges and the hints on the forum.

This has been a very hard box for me. Feeling pretty hard-stuck as I finally got nudges to get me close to finding certain types of accounts, but the responses I’m getting back are not being encoded/decoded cleanly. Not sure how to handle.

@MariaB said:

No, you need to find a user that can log in with a password. But first you need to find that user, which is another moment of struggle :)

Indeed, I was struggling on this part as well, but it was very worth it :smiley:

@MariaB said:

I just got user.

Was very tough but was worth it. A lot of manual work. I will not give you nudges because the exploitation is awesome and we should struggle.

For the initial users, yes, I can give a good article which can help for the overall exploit.
But finding the real user was insane and beautiful :)
I struggled so much but when I found it I was super proud of myself. Was so so cool …

Now onto root … Let's see if I will struggle again :smiley: most probably yes :)

BIG THANKS @egre55 and @MinatoTW for this amazing box.

Could I request this reading material please? :slight_smile:

May I ask someone a couple of questions regarding this box?

I have got user, but I am rather stuck on moving on to the next paths. I believe I have been down several rabbit holes which don’t lead anywhere, but that could be my lack of knowledge about these systems.

@metuldann said:

Could I request this reading material please? :slight_smile:

Same… :smile:

So far I have got a list of the users, and what I feel should be a POST request vuln to s*** using a tamper script. I’ve tried tweaking the tamper script but still failing hard.

I may need to give up on this and find the reading material @MariaB hinted at.

I don’t need hints yet, just ranting more than anything else :smile:

@TazWake said:

So far I have got a list of the users, and what I feel should be a POST request vuln to s*** using a tamper script. I’ve tried tweaking the tamper script but still failing hard.

I may need to give up on this and find the reading material @MariaB hinted at.

I don’t need hints yet, just ranting more than anything else :smile:

I doubt that the typical automation tools will get you there (even with according tamper scripts). I’d rather recommend writing a small script to exploit it. And then search for/find said reading material :wink:

@SgtSIGSEGV said:

May I ask someone a couple of questions regarding this box?

I have got user, but I am rather stuck on moving on to the next paths. I believe I have been down several rabbit holes which don’t lead anywhere, but that could be my lack of knowledge about these systems.

I’m in the same boat… I think I see that path to root this box, but must be missing a piece to this puzzle.