User: very straight forwarded, open your eyes, and check well known places for help
Root: due to guys bruteforcing and resetting this box for no reason a real headache, read the documentation and make use of it, there’s absolutely no need to reset, reload, or whatever this box to get root
Root was much more difficult than i thought after getting User.txt and vulnerability to be exploited for PrivEsc.
I hear a lot of people complaining about other users deleting their files… MAYBE it is some kind of AV on target?. And do you really need a shell to accomplish your goal?
I got user last week, revisited and got root. However the flag was not “correct” - I think that this is due to rotating hashes on the background to prevent cheating. Anyways - I reset the box, and it’s not staying up for 5 min straight for me to retrace my steps!
Can someone who’s rooted this box the CLI route give me a message? I’ve managed to root this box, but after revisiting the box to do my writeup i haven’t been able to the same way.
I can provide the hash I obtained at the time for proof or it can be seen on my profile. Cheers.
I’ve seen a lot of negativity towards this box, but have not over the last few days experienced any of the issues stated. I use a VIP subscription, maybe that has been the difference.
However, there are ways to root this box and ways not to. I’m not sure on the rules for submission, but I can’t for one second believe that rebooting a machine is allowed, so if a script that you find on a very popular database says to do this, I would probably start thinking there must be another way. I wouldn’t reboot the machine and upset other hackers. Just my thoughts, but that’s how I perceive it.
Otherwise, thanks for a really interesting box @dmw0ng , thanks also to @VbScrub and @LOLOLEKIK for getting me over the final hurdle.
I had to take a hint or two to get root on this one, but just want to say people are being too rough on this box. I’m sure at release with a lot of people reading a certain exploit, that it got reset and jumbled a lot.
I had a good time refreshing certain skills and learned a bit.
Nmap told me up front about a port that you check out its content for free After looking at what this server’s main purpose is, google the service. You’ll find a nice PoC on DB. Knowing windows paths will help.
Usuario: CVE y enumeración simple.
root: La verdad que no es necesario acceder a la web de ********++, ni seguir al pie de la letra el exploit encontrado, solo es cuestión de entender como funciona la vulnerabilidad. Recuerda que tiene una API, una lectura a la guía es el mejor camino. Luego de ello sabrás que ni es necesario reiniciar nada. Good Luck!
This is very frustrating, I know what I need to do regarding “the service” for root, I have my .b and n.e* on the box.
My struggle here is the whole driving through the tunnel stuff, can someone provide a useful resource to read up on this? (I have never done it before).
The other approach was reading the docs for the service, but I don’t seem to be able to change anything from the cmd either
[UPDATE] NM Rooted! This box is a pain in the ***.
Anyway, for root, use the api, the webui is a joke
Hi all,
just wondering…
As the 80 and 443 are not open when i did my reco.
How a website can run in http://10.10.10.184 ? i don’t understand …
thanks for your replies
Hi all,
just wondering…
As the 80 and 443 are not open when i did my reco.
How a website can run in http://10.10.10.184 ? i don’t understand …
thanks for your replies