So after some headaches, I have to say the box is straight forward and I would rater rate it medium.
For initial touch,…as many already wrote…enumerate, find the obvious and abuse it
from shell to user…well yea…timing is everything ;D
from user to root…well that’s a bit tricky and was for me the complicated part…you just have to break it…it helped me to add some prints and play around with the file.
the last step was pretty easy and quick as its kind of obvious (basic enumeration)
And please use the last command you can run as sudo or at least reset the box
I am able to read files using p************.p** but cannot find anything useful since I am doing it blindly and cannot find the location of the b****p directory. Any nudge would be appreciated
I’m at a very similiar stage, I can read files and some limited source files, just not sure where to go from here, Have some info about db but not sure how or where to use it.
I am able to read files using p************.p** but cannot find anything useful since I am doing it blindly and cannot find the location of the b****p directory. Any nudge would be appreciated
I’m at a very similiar stage, I can read files and some limited source files, just not sure where to go from here, Have some info about db but not sure how or where to use it.
Yes, I did that with rockyou list but failed all pass as keys
Try a more brute force approach.
bad idea. if rockyou dosen’t work for you, you’re doing something wrong.
Thank you both a lot … you’re awesome … Your both point of view is correct … I was able to get it by both ways … Thank you … Insane Machine … thanks for the creators @InfoSecJack & @chivato … I have learned really a lot in those 2 days, I wish the attached mp3 wasn’t empty;) … I’m so interested in know if that image has another path to the solution …
Final step I had found it exist … SO I have to undo what else leave behind and re-do the final step again … then clean my work …
can anyone give me a hint on the python c****o either on a smarter way of attacking it, i’m having issue with brute forcing it, possibly python 2.7 vs 3 string processing reading from files