Admirer

Rooted. Thanks for the box @polarbearer and @GibParadox. This was a good reminder to pay close attention to all the information and don’t assume anything.

Learnt some new stuff along the way and thanks to those that provided me with nudges, respect given. If anyone wants a nudge, tell me what you have tried and happy to help.

Any one can help with root? :neutral: I know the idea but can not make it happen.

Rooted! That was quite the ride. Thankyou @polarbearer and @GibParadox for the great learning experience. Fun way to get root.

A bit of grit needed for this one for sure, research what you have to find the way forward.

i rooted it ,but i was doing write up so that i can post it when box retires ,guess what , fuzzing this box again is pain in a*s

■■■ just got root :blush:
PM if you need help :wink:

Type your comment> @b3nn said:

So no one’s gonna talk about The Big Bang Theory references?
Was wondering about that; but where is Sh*****? Havent found him

root@admirer:~# whoami && id && hostname -a
whoami && id && hostname -a
root
uid=0(root) gid=0(root) groups=0(root)
Got root and understood how exploit r****my*******. works.
Thanks to @bertalting and @knuijsting for not letting me drown in the sea of ​​rabbit holes.

Hey, still stuck on that machine…

I found the uti****-S***** and then the ad**-*k but I’m thinking this may be a rabbit hole. can someone confirm?

And what am I spouse to find bt fuzzing? I’m fuzzing for like a week with no result :frowning:

hello, i have a trouble with lol.xml,when i load that file,it say that "Error in query (7890): Can’t find file 'app/etc/lol.xml’. "

Guys I tried dirbuster on wordlist big.txt and common.txt on / and /a****-**r ,but all files enumerated have response code 403,Can some one nudge me a hint

Getting to user seemed ok but I got stuck now with root. I think I followed to many rabbitholes and ended up now with what I think is the right place to followup on. but I cant figure out how to go about it. I’m looking into a****_t****.** and b*****.** . Maybe someone could help me out here. thx

Got root , thanks to @killerhold for the help to see the light.

For those who are stuck in root and know that this is about, as it happened to me, think that all users have their own “particularities”

Rooted! Foothold was a tangled web, but ultimately gave me a few more wordlists to add to my checklist. @beorn was helpful here. What is missing but should be present is just as important as what you find.
User was me being an idiot. @Solarstorm gave me a helpful hint which I will condense to this: Think about WHEN what you found before was generated.
And root was fun. Much easier for me with snake-training experience. Walk along the way carefully.

Rooted, I’ve learnt a lot about enumerating and to pay attention to details.
PM me for nudges.

I don’t get the hate, user was pretty dope!

Pretty neat box indeed. I also don’t get the hate. Along the way you may get frustrated but cooling off, trying smarter, googling, testing before shooting etc will get you through it.
There’s also no need to leave trails and spoilers on this box, if you save and name your files some type of way they’ll be deleted anyway in a few mins.
I got rev shell for root on first attempt so I don’t know how people have an issue with that.
Everything you need is already available.
Enjoy the box!

That was a fun box. Took a little thinking early on but once I got past the initial enumeration the rest was fun and straight forward.

Happy to nudge so you learn, but no spoilers given.

Just nabbed user…jeez…was it “easy” sure after you put the pieces of the puzzle together. Each step closer kind of glues another piece in. But man without a couple of hints, I would have been more lost. However I must say, that it does get you thinking a bit more on basic enumeration. Don’t be afraid to try another tool if your favorites aren’t working. I admit I get stuck on dirbuster, dirb, and completely forgot about wfuzz which got me what I needed. If I wasn’t so set in my ways, I may have had a much easier time. Thanks to the creators of the box @polarbearer and @GibParadox for “slapping my wrists” a bit to break out of the same old, same old. Is it frustrating? Sure…but maybe I’ll remember wfuzz next time I can’t find what I’m looking for with my goto tools…

Everyone is saying that root i cake, I see some files I can sudo, but no idea what to do with them…can someone PM me with a nudge…I feel like this should be obvious but I’m just missing it.

So i have root.txt via the privesc but can’t seem to get the reverse shell to work? Anybody else with the same issue that it’s just not responding?

But the box was really fun and made me look into my enumeration techniques in the beginning :wink: learned a lot!