Official Blunder Discussion

@retrymp3 said:

"This exploit may require manual cleanup of ‘.*****’ on the target" - I am pretty sure that this wasn’t intended. I can’t advance further with this, maybe resetting the box will help. Cause we don’t have permissions to write on any files from foothold.

Edit: leave t***** *** as default. For this to work?

Rooted. Great box. Props to @egotisticalSW.
Foothold, some zz and some coolness.
No hints needed for user and root

Rooted.
As some wrote, many rabbit holes for the user.
Root very easy.
PS: Thanks, Torre Oscura!

Rooted
Not going to say much since there is a ton of hints already in the forums.
PM me if you need a nudge

Thanks for the box, it was great. If anyone needs nudges or help doing the manual exploit (without msf), send me a PM.

I have credentials for H**o and a meterpreter session as www, but it won’t let me run su H&&o as the command isn’t recognised. Anyone know how to change users in meterpreter or indeed a nudge or what to do with H&&o credentials?

@BugsBunny said:

I have credentials for Ho and a meterpreter session as www, but it won’t let me run su Ho as the command isn’t recognised. Anyone know how to change users in meterpreter or indeed a nudge or what to do with H**0 credentials?

Improve your shell.

Hello, I need help. I have the username and password F ***, but I got stuck there; I got the CVE but I need a push.

@jesus62175 said:

Hello, I need help. I have the username and password F ***, but I got stuck there; I got the CVE but I need a push.

There is a POC for that CVE. Google will give it to you if you ask correctly.
There is also a dedicated module written for most favorite exploitation software.

@gunroot said:

@jesus62175 said:

Hello, I need help. I have the username and password F ***, but I got stuck there; I got the CVE but I need a push.

There is a POC for that CVE. Google will give it to you if you ask correctly.
There is also a dedicated module written for most favorite exploitation software.

but I get an error require manual cleanup of ‘.h*****’ on the target

Soooo many rabbit holes after Initial Foothold for User, I feel so dumb I strayed so far from home… lol.

Root was simple enough once you do like everyone says “back to basics”.

Rooted.
All the necessary hints have already been given here, so I won’t be adding any.
Just don’t overthink too much on the foothold, once you get the foothold, user and root is just minutes away! All the best!
Thank you @egotisticalSW for this fun box!

Rooted!! Fun box, easy but not immediate. Thank you @Zaitchev for nudges. You’ll think “I’m a fool” when you root it.
There’s my hint:

FOOTHOLD: the conventional standard ways are not the right way. Use your hands :wink: The CVEs are your friends.
USER: just enum everything. EVERYTHING!
ROOT: the basics of privesc. Google ALL!

PM for hints :wink:

@jesus62175 said:

@gunroot said:

@jesus62175 said:

Hello, I need help. I have the username and password F ***, but I got stuck there; I got the CVE but I need a push.

There is a POC for that CVE. Google will give it to you if you ask correctly.
There is also a dedicated module written for most favorite exploitation software.

but I get an error require manual cleanup of ‘.h*****’ on the target

I never got that particular error (I got a different one) but you might want to double check that you have the module set up properly. I suppose reading the module’s source code is enough, but this thread had a hint earlier about intercepting the request with Burp and making sure that it’s doing what you think it’s doing, and that made my error really obvious.

Awesome box! All the nudges given in this forum are sufficient to get you through.
If stuck, message me for nudges.
ROOTED!

Can anyone help me…
My msf exploit is not working :tired_face:
I have tried everything
I even tried to manually do it but got no luck
Can someone please help me

I think I got the right user for initial foothold from t***.t** file and tried brute forcing with a python script. But I don’t think I have the right wordlist for the password. Help would be much appreciated!

Nice machine… Thanks @egotisticalSW.

@de4dgh0st said:

Can anyone help me…
My msf exploit is not working :tired_face:
I have tried everything

There is a good chance you haven’t tried everything.

I even tried to manually do it but got no luck

If it helps, I struggled with manual exploitation to the point at which I gave up.

Can someone please help me

Check all your settings and payload.

Fun machine, thank you @egotisticalSW :slight_smile:

Got stuck for a long time on the foothold.
Once I found the user I got something Cewl going on :smiley: and snaked it up.