Can someone help with initial step? Don’t know how to get www-data
Rooted! Thanks for the box, learned something in the process of hacking
Type your comment> @mrshershulya said:
Can someone help with initial step? Don’t know how to get www-data
dm
Stuck on root. found s******, looked at what it’s doing, failed to exploit. I’ve done something similar in the past, but none of the tricks i learned or searched are working. Could use a nudge. Thanks
I was able to read the root flag with cat in my impostor file, but trying to set up /bin/bash would result in a root shell echoing back my commands to me:
root@ubuntu:/root# whoami
whoami
Anyone could explain?
hey, i need some help, i have the second password for the user but i’m not able to authenticate as the user (su or ssh), should i be able to?
Type your comment> @ines said:
hey, i need some help, i have the second password for the user but i’m not able to authenticate as the user (su or ssh), should i be able to?
su will work after upgrading your shell.
Anyone for a nudge?
Spoiler Removed
@mrshershulya said:
su doesn’t work, how to get user?
Do you have a proper shell? When you say “su doesn’t work” - do you mean it rejects the password or generates an error message?
@mrshershulya said:
@TazWake, I spawned shell, It writes “su: Authentication failure”
Ok, you might have the wrong password for the user you are trying. If you need/want more detail you will need to DM.
Gosh… Is there anyone I can get help with f****? I keep running an error on the p****** that is running on f**** this is for root
■■■■… Finally rooted this box heck I am breaking out in sweat for the root.
Nice box. This would be a good OSCP prep box. I think there are a couple slightly different ways to get the initial foothold.
Could someone PM me for user account? I’ve found m**** creds and been stuck on w********* shell…
I’m at the end here… struggling to use the inspection tool against the interesting binary… a nudge in the right direction would be really appreciated
Edit: Rooted. Clearly was overthinking it. Thanks @TazWake and @N0tAC0p for the nudges!
Looking for help on the basics sadly, i am having a hard time bypassing this login page. Any nudges would be great. I would like to be better at burp suite and sql injection. Help, resources, and advice would be great for me to learn. I have googled quite a bit already and tried many things. Help on bypass please!
@JitB said:
Looking for help on the basics sadly, i am having a hard time bypassing this login page. Any nudges would be great. I would like to be better at burp suite and sql injection. Help, resources, and advice would be great for me to learn. I have googled quite a bit already and tried many things. Help on bypass please!
If you google what you are trying to do there is a wealth of interesting articles which will help you.
Anything else is going to be flagged as a spoiler.
Rooted … Amazing box… DM for nudges.