@mrshershulya said:
@TazWake, I spawned shell, It writes “su: Authentication failure”
Ok, you might have the wrong password for the user you are trying. If you need/want more detail you will need to DM.
@mrshershulya said:
@TazWake, I spawned shell, It writes “su: Authentication failure”
Ok, you might have the wrong password for the user you are trying. If you need/want more detail you will need to DM.
Gosh… Is there anyone I can get help with f****? I keep running an error on the p****** that is running on f**** this is for root
■■■■… Finally rooted this box heck I am breaking out in sweat for the root.
Nice box. This would be a good OSCP prep box. I think there are a couple slightly different ways to get the initial foothold.
Could someone PM me for user account? I’ve found m**** creds and been stuck on w********* shell…
I’m at the end here… struggling to use the inspection tool against the interesting binary… a nudge in the right direction would be really appreciated
Edit: Rooted. Clearly was overthinking it. Thanks @TazWake and @N0tAC0p for the nudges!
Looking for help on the basics sadly, i am having a hard time bypassing this login page. Any nudges would be great. I would like to be better at burp suite and sql injection. Help, resources, and advice would be great for me to learn. I have googled quite a bit already and tried many things. Help on bypass please!
@JitB said:
Looking for help on the basics sadly, i am having a hard time bypassing this login page. Any nudges would be great. I would like to be better at burp suite and sql injection. Help, resources, and advice would be great for me to learn. I have googled quite a bit already and tried many things. Help on bypass please!
If you google what you are trying to do there is a wealth of interesting articles which will help you.
Anything else is going to be flagged as a spoiler.
Rooted … Amazing box… DM for nudges.
User owned! Working on root.
It wasn’t hard like it seems but cool, learned a few new useful things in the exploiting phases.
Owning user took me a certain time, please don’t reset the box every time or use strong tools, burp,Hydra or other tools like that aren’t needed.
If you need a little hint PM me.
Im stuck as w**-**a any help getting to user t?
Rooted! Very fun box, and according to some comments very OSCP-like so I’ve taken extra notes.
PM me if anyone needs any help!
Guys, Any hint on the user ? I got the foothold easy, I got a password that is useless - not sure how to crack the user t******* , appreciate any nudge please.
Rooted Finally! Big thanks to @TazWake and @roumy for helping in the final step! Feel free to ping for any help!
Anyone had this error when trying to SSH @10.10.10.185: Permission denied (publickey).
@wooly13 said:
Anyone had this error when trying to SSH @10.10.10.185: Permission denied (publickey).
Looking at it, it seems to imply you haven’t used the correct public key to correct and key based authentication is enforced.
Type your comment> @wooly13 said:
Anyone had this error when trying to SSH @10.10.10.185: Permission denied (publickey).
That’s not an error (if you don’t have your key on this machine already). Try another way to log in.
Just rooted. It was a really good and fun one. It wasn’t hard, but I’ve learned a bit, and spent lots of time in a rabbit hole.
Rooted finally,
Nice box!
Initial foothold:
1- “bypass login page”
2- trick the system
User:
enumerate files, try to login and export data
Root:
Interesting file, how can you execute the commands in another context?
Finally rooted this sucker!
Hint for root : If you can’t find the right path, create your own path with necessary ingredients and then you get shell shelll shell…
Learned a lot. Thanks @TazWake @FunkyMcBeef and @disastrpc for nudges.
PM me if you need any nudges.