Rooted
thanks to @camnbear and @3l33t for there help with this one
Type your comment> @zero87 said:
Rooted
thanks to @camnbear and @3l33t for there help with this one
Your’e welcome and Cheers bro
whoami && id
root
uid=0(root) gid=0(root) groups=0(root)
root@oouch:/root#
I want a nice sleep right now
Can someone please give me a nudge on c*****t page? I’m pasting what I’m supposed to in there, and I’m pretty sure the ‘click’ is happening because if I paste my local dev server url, I get a request.
But then when I proceed to the next step, it’s just my accounts that are linked…
Hey guys, I’d appreciate a little nudge. I have access to the admin page and found a way to r******* my app. I can now access some additional resources and have a pretty good idea what to do with them, but I can’t figure out the mechanics. Please PM me if you’re willing to help. I can provide details on what I’ve tried so far. Thanks
the user parts drive me insane. it so ■■■■ hard but now i understand more about CF and SF attack.
User was good. Had trouble getting the token using repeater, had to use curl instead. Getting root drove me insane. I need work on enumerating and Priv Esc. Great machine.
What can I say?
OUCH
root@oouch:/root# id
id
uid=0(root) gid=0(root) groups=0(root)
Thanks for the wonderful machine @qtc
What a machine? A wonderful journey upto root.
For User: Documentations are your friends.
For Lateral Movement: It is possible that a whale and a spider can be friends.
For Root: The one you tried in lateral movement will work now.
Always happy to help. PM for only hints.
root@oouch:~# whoami && id && hostname && wc root.txt
root
uid=0(root) gid=0(root) groups=0(root)
oouch
1 1 33 root.txt
root@oouch:~#
this machine is not hard but it’s REALLY INSANE. rooted
Wow, that box was badass. Thank you @qtc cost me some nerve
Insane
Absolutely insane, thanks @qtc.
Guys I got the private key but I am getting invalid format
Any one can help at this point?
----Never mind, I got it
I’m doing WAPTX and there’s some O**** in it, so i thought i’d give a go at that box. I’ve been trying to play around with the various requests and i think i know how to exploit it but it doesn’t work and i’d like some guidance to at least know whether i’m trying to do the right thing or just hitting a wall…
So I’ve managed to get to the point where I can successfully get an ac**** t**** and execute /a**/g**_u***… is this a rabbit hole?
I can’t figure out how it would actually help me… not sure where to go from here
Edit: Got User… wow, that was amazing. Awesome box so far.
Rooted. Wow. That was pretty insane.
So, my last comment was from June2nd and i only rooted it lol…
I took a few breaks and did it in stages, and had to learn a lot on topics i didn’t know of, like the whale… even if eventually not much was needed.
Can’t wait to see the 8h walkthrough video for that one.
I’m a bit confused of how to set up the attack for initial access.
I know that there is a simulated user that “interacts” with what is passed into the c****** page. I can create a profile for myself on both the normal application and the hidden o**** application. Does the user do more than just click, is there a way I can trick it into performing a P*** request instead of just G**? Could someone DM me to nudge me in the right direction?
EDIT: Figured that part out…the normal flow must be “paused” and then finished by another
EDIT2: Finally have user…this box requires learning so much. Feel free to DM me for nudges up to that point
i cant access to the c**er.ooh.h*b’s server IP address could not be found.
Try:
Checking the proxy, firewall, and DNS configuration
anyone also have same problem
Rooted …
This machine was insane …
Feel free to get Nudges from me
Pm me for nudges
Anyone has an idea why the SSH key of q doesn’t work ?
I made the changes needed, and still having an error “Load key “id_rsa”: invalid format.”
Kind of frustrating…