Foothold:
Really simple. What is the first thing you do when you have a web app? Is there any comment that can help you? Where would someone post public available code? Google is your friend on this one.
User:
Things get creative here. You are in, you have a shell. What is the first place you will go? Get the clue as valuable. How can you execute things that are not in otherâs home dir?
Root:
Here I was rabbitholed for too long. Enumerate the processes and understand what is being loaded and with which privileges. Look for something that executes everytime you log in.
It is kind of non motivating to see more expert people taking 30 min, 1 hour on this box (at least on comments), so I wonât hide this box took me about 6 enjoy it at your own pace!
Rooted this one as well! Seems like I was just in time. After getting the root flag the box died and now I canât get in anymore with my backdoor. Looks like someone slammed the reset button 5 seconds after I got my flag.
This box was fun and not that hard to crack. Enough tips are given here. I donât think I need to repeat them again. But if you need a nudge feel free to PM.
Please also mention the box you are asking help for since I get a lot of PMâs lately about different boxes.
User: To find what ye seek, you must go back to the source of what youâre searching.
Root: Definitely was overthinking this one at first, by far the most helpful tool was pspy. Also, you donât need to be super quick, in the world of bash you can do cmd1; cmd2; cmd3 and theyâll execute in order.
Useful tips on page 26 and 27, the only ones I had to look at to get the insights I was missing. Not a hard machine in concepts though, although my inexperience with the tools payed a price here.
Had lotâs of fun, not that much frustration this time and as always, learned a lot.
I will be around if hints are needed.
Well that was a fun one. I had all the parts but needed to refresh on one tech. Can help with non-spoiler nudges but let me know what you tried first and where you are.
Just rooted. Cool, but without clues on this forum, it would be too much guessing (especially for initial foothold). However, I found it pretty fun box.
Iâve gotten too the part where you move into the folder but I get this error when in the machine. I reset it and got it again can someone help ?
Welcome to the Luvit repl!
Uncaught exception:
[string âbundle:deps/readline.luaâ]:485: attempt to call method âset_modeâ (a nil value)
stack traceback:
[string âbundle:deps/readline.luaâ]:485: in function âreadLineâ
[string âbundle:deps/repl.luaâ]:198: in function âstartâ
[string âbundle:main.luaâ]:137: in function âmainâ
[string âbundle:init.luaâ]:49: in function <[string âbundle:init.luaâ]:47>
[C]: in function âxpcallâ
[string âbundle:init.luaâ]:47: in function âfnâ
[string âbundle:deps/require.luaâ]:310: in function <[string âbundle:deps/require.luaâ]:266>
so did someone break the machine as this happens between resets or is this an intended thing ? it seems like its having issues with the program it self and loading the needed functions ?
Iâve gotten too the part where you move into the folder but I get this error when in the machine. I reset it and got it again can someone help ?
Welcome to the Luvit repl!
Uncaught exception:
[string âbundle:deps/readline.luaâ]:485: attempt to call method âset_modeâ (a nil value)
stack traceback:
[string âbundle:deps/readline.luaâ]:485: in function âreadLineâ
[string âbundle:deps/repl.luaâ]:198: in function âstartâ
[string âbundle:main.luaâ]:137: in function âmainâ
[string âbundle:init.luaâ]:49: in function <[string âbundle:init.luaâ]:47>
[C]: in function âxpcallâ
[string âbundle:init.luaâ]:47: in function âfnâ
[string âbundle:deps/require.luaâ]:310: in function <[string âbundle:deps/require.luaâ]:266>
so did someone break the machine as this happens between resets or is this an intended thing ? it seems like its having issues with the program it self and loading the needed functions ?
Does this also happen, when you just load the repl, without any parameters?
This is my first box ever. It took me a few hours.
Once I became root, I used my root privileges to chattr +i all of the flags and the .bash_history of root and the other two accounts after clearing them. This way no bash history can be recorded, preventing it from giving away clues from other users. Only root will be able to delete critical files now. This could have been done âout of the boxâ by the author.
This is my first box ever. It took me a few hours.
Once I became root, I used my root privileges to chattr +i all of the flags and the .bash_history of root and the other two accounts after clearing them. This way no bash history can be recorded, preventing it from giving away clues from other users. Only root will be able to delete critical files now.
Well, on your server and until it is reset, yes.
This could have been done âout of the boxâ by the author.
True - and certainly worth suggesting. Iâve found quite often Linux boxes desperately need the creator to make critical files immutable - OpenAdmin was a good example of this.