Magic

i think this box might be anti-burp or something…
wtf!? :blush:

Spoiler Removed

@Rayz said:

i think this box might be anti-burp or something…
wtf!? :blush:

Good job you dont need burp :smile:

Spoiler Removed

@jiggle said:

So, I finally kind of got root. Read the flag, & my shell prompt changed to root@ubuntu, but my shell isn’t interactive. grrrrr.

soooo close.

There is another comment here where the root shell appears to be root@ubuntu - that is significantly different to the root shell I got.

Type your comment> @TazWake said:

@jiggle said:

So, I finally kind of got root. Read the flag, & my shell prompt changed to root@ubuntu, but my shell isn’t interactive. grrrrr.

soooo close.

There is another comment here where the root shell appears to be root@ubuntu - that is significantly different to the root shell I got.

Interesting.

I’ll keep at it…
thanks

Spoiler Removed

Spoiler Removed

Spoiler Removed

Spoiler Removed

Rooted.
The root part is an old but always funny technique (also present in a OSCP lab machine).

Spoiler Removed

Spoiler Removed

Rooted!

Rooted, thank you to @JMFL for keeping me on target. Root was very cool. Much of the hints have already been said. With the standard enum scripts you may miss an important file. There is a certain python tool (previously mentioned) that will help you verify which file that is special. Once you know what it does, work your magic to have it do what you want first.

root@ubuntu:/root# whoami && hostname
whoami && hostname
root
ubuntu

Rooted, fun box overall especially enjoyed the initial foothold, User wasn’t to exceptional, and root despite being simple was a lot of fun.

Hints:

foothold: Dont overthink it, bypass your restrictions and use your magical powers to hide something in something else. After that find where things end up after you leave them.

User:
What you initially find may not be the whole answer, but it can be part of the solution. If the initial tool you try isnt there, maybe go searching through alternatives.

Root:
Basic enum scripts to find interesting files, after that check to see what different users do behind the scenes when you use these interesting files, with the final step: where does linux usually search for these kinds of files? Can you modify that?

Rooted with all the helpful hints here. Thanks for all :slight_smile:

Spoiler Removed

Spoiler Removed

Can anyone help me in root, figured out s*****o can be used but donno how to exploit it