Traceback

PM me for help on this one i enjoyed it, finished doing my re write this morning

Could someone help me on this?

  1. I initially did OSINT and used the forum to Internetzzz the webpage and able to login.
  2. I checked that a programming language should be used which I had no idea but managed to get it from the history.
  3. Now as defined by sudo -l, I tried to swich user and run the command sudo -* s*** /home/sysadmin/luvit *.lua
  4. I performed the above command through the console of the backdoor
    I don’t see anything after that.
    Please help me here to move further

@PChan said:

Please help me here to move further

There are a few ways you can do this. You can either create a script in the language which does things to grant you access or you can get the fck out of the shell.

Type your comment> @TazWake said:

@PChan said:

Please help me here to move further

There are a few ways you can do this. You can either create a script in the language which does things to grant you access or you can get the fck out of the shell.

I stayed and did it. Thank you

Rooted, thanks for this machine. I don’t really understand the moaning about resets, didn’t disturb me at all. Foothold was quite unique, user was rather simple, a lot of useful hints on the forum. Root was a lot of fun, timing is important but I managed to get it on the first try.

Wasted a lot of time on not setting the correct permissions on a specific file. Nice machine learned a lot.

ROOTED!

Type your comment> @squirrelpizza said:

So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?

Did you get where to upload?

Rooted, finally…after sooooooooo many attempts.
Hint, don’t overthink it…(like I did for the last 4 hours).

thanks Xh4h, great box! it was a pain that sometimes it would crash after getting first shell but learned a thing about ssh and a new programming language

pm for hints. pleased to help!

Hi guys, i need help with this machine.
i am trying to connect with SSH but get an error message of “access denied, please try later” i do not want to write all steps here because maybe other people did not reach this step yet… but any suggestions? i gave the right permissions to the relevant files, edited the sshd.config as needed and still get the same error.
any suggestions? :frowning:

Already spawned a shell…Now having trouble escalating privileges…any hints??

@RomeosCyber there is a way of escalating using certain files in certain folders within your initial shell

@Karthik0x00 said:
Type your comment> @squirrelpizza said:

So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?

Did you get where to upload?

you found the hint have you tried looking up that hint?

@> @callmevader said:

@Karthik0x00 said:
Type your comment> @squirrelpizza said:

So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?

Did you get where to upload?

you found the hint have you tried looking up that hint?

yeah
i already have the sn and wn ssh shells, still struggling with priv esc

so what can you find in their directories?

Type your comment> @callmevader said:

@Karthik0x00 said:
Type your comment> @squirrelpizza said:

So far I found the 2 ports open after doing an all ports scan. Directory busting got me nothing, I saw the clue on the web server. But I do not see anywhere to upload the web shell. Can someone give me a nudge as how to get to a spot to upload?

Did you get where to upload?

you found the hint have you tried looking up that hint?

Yup I got it. But stuck at privilege escalation to r**t. Any hint?

@Karthik0x00 said:

Yup I got it. But stuck at privilege escalation to r**t. Any hint?

Try Spying on the running processes

Nice box. And good to have a privesc that’s not too easily spelled out by automated scripts.

I’m a bit curious on a certain job that appeared to run on the box, with an executable in UPPER CASE which didn’t actually existe on the box ?!

How are people getting ideas of OSINT? i see it nowhere in the page source!
and also the author has collection of web-shells? but how do i use this info?
and also how do i use OSINT to proceed further?