Rooted, overall the user1 → user2 part maybe is the best thing on the box.
For user1. there are too many hints on some posts here the exact tool is mentioned, user2, i made it with a small bash script, it’s easy just think about it, possibly you can do it even without scripting anything.
Root, as mentioned before stay at home
Feel free to drop me a message I’ll be happy to assist as always.
i accessed the documents and retrieved some juice content. but i havent been able to use that on the login page. also tried to access other place but with no luck. can someone give me a nudge on what to look into?
need a sanity check regarding user. I am logged in know about the e*****e exploits. I also think I have the correct input point. however it doesnt seem to work. could someone pm me and I will share in more detail what I am trying to do. thanks
Rooted.
These are my tips:
foothold: ALWAYS launch 2 nmap, one for one side and one for the other side.
user: pay attention to that fu**ing “ltd”
1->2: use nc and while loops to understand what is happening
root: read, read, read, read… yes, that strange string is the way
Hi, also trying to get user2, I have tried numerous exploits with the ce, looked at every tt and found some causing “5**” errors which indicate "ce". Is user2 got from p***.q****.h** or q****.h**. Would love a PM to help…
Terrible machine ,i got only user and now i cannot even repeat it again .
All the time errors ,all the time resets.
The only positive thing was in the beginning where we had to update smt to access the site ,after that i spent more time fighting the other people resets and changes instead of working on the machine itself .
i wanted to continue on with the movement , unfortunately not possible : (
Terrible machine ,i got only user and now i cannot even repeat it again .
All the time errors ,all the time resets.
The only positive thing was in the beginning where we had to update smt to access the site ,after that i spent more time fighting the other people resets and changes instead of working on the machine itself .
i wanted to continue on with the movement , unfortunately not possible : (
Nice box but I wasted a sh*t ton of time on user1 → user2 escalation as the command that I first sent wiped clean the file I wanted to read… And it is possible to do that with all the files that belong to user2.
Anyway, a part from that nice box especially the foothold and user!
My hint for root: Don’t go too far away from home, and enum scripts did not help me. There is no need to exploit anything, just find it and try it.
Hey, If you are getting Error Retrieving URL its intended behavior. Please try to understand what’s going on the box. I’m sure you feel so stupid after knowing why it did.
One of the things I love about your boxes is how often I feel stupid in the process of trying to root them.
I think I am stuck on this right now but I have some ideas on how to progress (not asking for hints yet). I dont know if I am imagining it but port seems to matter and when a request is messed up, it messes lots of things up.
EDITED: Yeah, my plan worked - still not 100% sure. Now I am convinced I can see the path I need to follow but I cant get the commands to work in the shell.
Hey, I’m stuck on using the juice from the documents. Tried a looooot of combinations but got nowhere. Pretty sure it’s a stupid mistake… Could someone PM me?