Travel

Rooted :smiley: after long journey :smiley:
Personally this my best box so far .

Fuzzing the g* folder in the sub is a rabbit hole?

@3l0nMu5k said:
Fuzzing the g* folder in the sub is a rabbit hole?

You dont need to fuzz if you have a handy tool for it.

■■■, I don’t find the password for the ***g user ****n. neither on the site nor in rockyou. I see this as my only way in. I don’t get the comment with the **S and dont find anything related to its developers, i.e. don’t know how to access this. please send me a nudge, wasted all day on that.

I’ve get user, thanks @ElVi7MaJoR for help in foothold :slight_smile:

Hello, I’m confused on my priv esc. I was able to be a root but I can’t find the root.txt.
I can’t read or mount also.

Could someone tell me where did I go wrong?

Finally user. Foothold is a long journey. Somehow my exploit is working locally but it doesn’t work against remote machine. Thanks to @polarbearer for the help.

User is easier than foothold. Need some rest before take the root.

Type your comment> @LeapTruTime said:

Could someone tell me where did I go wrong?
PM me.

Type your comment> @Warlord711 said:

You dont need to fuzz if you have a handy tool for it.

Gotcha thanks.

rooted wow i loved this box <3

thanks @xct & @jkr

rooted what a box
initial hint : dont fuzz crazy be smart when you find it use a tool
DM for hints if you still stuck

I’ve rooted it, thanks @0x41 and @ElVi7MaJoR :slight_smile:

Finally after “travelling” on a massive rabbithole, finally arrived at the correct root. :slight_smile:
Thank you @fr0ster and @b3nn for the guidance.

Tip: Priv esc is easy if you enumerate well. If you think you got root and root.txt is missing, step back and don’t push further. I went on a massive rabbithole because I got a root but was actually a rabbithole root.

Cheers to the creators.

Thanks a lot to all of you that helped me during this, for me very difficult box!

Shout out to the creators! It was really good!! :smiley:

found the foothole…i think - this box just got real interesting real quick

Type your comment> @CRYP70 said:

found the foothole…i think - this box just got real interesting real quick

I just started and find it interesting, hopefully more to follow.

awesome box; i spent a fortune of time trying to X**. finally rooted!

Type your comment> @dakkmaddy said:

Type your comment> @CRYP70 said:

(Quote)
I just started and find it interesting, hopefully more to follow.

Yeah I know right, bout time we got a WordPress site on hard difficulty :smiley:

Type your comment> @sparkla said:

Working my way forward with this box. Still haven’ completely figured how d***g works. I mean I can trigger it with exactly one “switch” and will search now for more switches, not understanding the output yet.

Not asking for nudges but one thing I’d need to know. Do I need to use an actual R** client or is that a rabbit hole / working in a different manner?

it’s not a rabbit hole.

hint:
-. Recon
-. Analyzing language roles
-. Deserialization
-. Bypass xxxx filter
-. litle scripting
-. Basic enum
-. G0t r00t