Magic

1568101121

Comments

  • So, I finally kind of got root. Read the flag, & my shell prompt changed to [email protected], but my shell isn't interactive. grrrrr.

    soooo close.

    jiggle

    Feel free to ask for hints/nudges. Just PM me what you've already done, & give respect if I help you.

  • i think this box might be anti-burp or something....
    wtf!? :blush:

    Rayz

  • edited April 21

    Spoiler Removed

  • @Rayz said:

    i think this box might be anti-burp or something....
    wtf!? :blush:

    Good job you dont need burp :smile:

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Spoiler Removed

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • @jiggle said:

    So, I finally kind of got root. Read the flag, & my shell prompt changed to [email protected], but my shell isn't interactive. grrrrr.

    soooo close.

    There is another comment here where the root shell appears to be [email protected] - that is significantly different to the root shell I got.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Type your comment> @TazWake said:

    @jiggle said:

    So, I finally kind of got root. Read the flag, & my shell prompt changed to [email protected], but my shell isn't interactive. grrrrr.

    soooo close.

    There is another comment here where the root shell appears to be [email protected] - that is significantly different to the root shell I got.

    Interesting.

    I'll keep at it..
    thanks

    jiggle

    Feel free to ask for hints/nudges. Just PM me what you've already done, & give respect if I help you.

  • *Spoiler Removed*
  • Spoiler Removed

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • *Spoiler Removed*
  • Spoiler Removed

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Rooted.
    The root part is an old but always funny technique (also present in a OSCP lab machine).

  • Spoiler Removed

    jiggle

    Feel free to ask for hints/nudges. Just PM me what you've already done, & give respect if I help you.

  • Spoiler Removed

  • edited April 22

    Rooted, thank you to @JMFL for keeping me on target. Root was very cool. Much of the hints have already been said. With the standard enum scripts you may miss an important file. There is a certain python tool (previously mentioned) that will help you verify which file that is special. Once you know what it does, work your magic to have it do what you want first.

    [email protected]:/root# whoami && hostname
    whoami && hostname
    root
    ubuntu

    limelight

  • Rooted, fun box overall especially enjoyed the initial foothold, User wasn't to exceptional, and root despite being simple was a lot of fun.

    Hints:

    foothold: Dont overthink it, bypass your restrictions and use your magical powers to hide something in something else. After that find where things end up after you leave them.

    User:
    What you initially find may not be the whole answer, but it can be part of the solution. If the initial tool you try isnt there, maybe go searching through alternatives.

    Root:
    Basic enum scripts to find interesting files, after that check to see what different users do behind the scenes when you use these interesting files, with the final step: where does linux usually search for these kinds of files? Can you modify that?

  • Rooted with all the helpful hints here. Thanks for all ^_^

  • edited April 22

    Spoiler Removed

  • edited April 22

    Spoiler Removed

  • Can anyone help me in root, figured out s*****o can be used but donno how to exploit it

    s1lv3rst4r

  • got root:

    for user: very basics, what you can enter to log in? how can you trick the upload, use your tools.
    root: good old g0tm1lk chearsheet, very basic

    pm for nudges

    OSCP
    el3ctr0

  • Type your comment> @s1lv3rst4r said:

    Can anyone help me in root, figured out s*****o can be used but donno how to exploit it

    me

  • Finally I rooted this machine. Root path was very new to me though it's an old trick. Thanks @TRX

    AidynSkullz

  • So, just rooted this box. But couldn't understand one particular thing. Would someone clear my doubt?

    heisenb3rg

  • @heisenb3rg said:

    So, just rooted this box. But couldn't understand one particular thing. Would someone clear my doubt?

    Possibly.

    TazWake

    Happy to help people but PLEASE explain your problem in as much detail as possible!

    Also: https://www.nohello.com/

  • Finally rooted the box. Spent alot of time on sillythings.
    Big shoutout to @solid5n4k3 and @sh4d0wless for the hints

    Foothold: Basic Dump and Bypass. You can get it without the use of a script but with all the resets going on i ended up making a script to speed up the process of getting back in.

    User: Use what you found in your foothold. Looks like you can do this two ways

    Root: Spent along time on this. Alot of useful tips in this thread already, i found it easier to have two shells on the box so you can see what the other is doing. After that you just need to be on the right path

    Sharktank

  • Spoiler Removed

  • edited April 22

    Rooted!!
    user is straightforward hint get a stable shell for it!!!
    for root try to find the interesting files using different scripts online.
    after that try to read the file and find out the things its calling to do its work ;)

  • anyone can give me hint for initial foothold? I am stuck on bypassing login form...

Sign In to comment.