Stuck for root. I would appreciate a nudge… I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user… Of if some are stuck at the same place and want to share idea!
Thx!
Edit: Rooted, I was overcomplicating a lot… trying to take a shortcut… Cool box!
great. staring at a user.txt yet it says it is not the right flag. Dynamic flags, great to prevent sharing, frustrating that sometimes the box needs to be reset just so you can claim…
Edit: so i thought it was becauae the box was jacked up… so i reset the box, reset my machine. now i can’t connect to it at all GAAAAH 1 step forward 3 steps backwards!
interesting box.
so far I have found list of users > @gverre said:
Stuck for root. I would appreciate a nudge… I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user… Of if some are stuck at the same place and want to share idea!
Thx!
EDIT: There is a lot more “taker” than “giver” in this forum…
interesting box.
so far I have found list of users > @gverre said:
Stuck for root. I would appreciate a nudge… I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user… Of if some are stuck at the same place and want to share idea!
Thx!
EDIT: There is a lot more “taker” than “giver” in this forum…
interesting box.
so far I have found list of users > @gverre said:
Stuck for root. I would appreciate a nudge… I can guess the last part, but cant find if we have to privesc before being able to exploit it, or if we should be able to exploit it with our actual user… Of if some are stuck at the same place and want to share idea!
Thx!
EDIT: There is a lot more “taker” than “giver” in this forum…
For 70 nudge request, i got 0 nudge offer!
that is true
THIS!
???
I got 3 users and a password which I cracked but don’t know where to use them
Foothold: Basic enumeration. Having discovered “those directories”, search for attacks related to that gigantic, three-headed dog
User: What file would be useful in a conventional Windows host exploitation?
Root: Who are you?
If the flag is not working… yes, reset the box. There is no “fake” flag or something like that. o/
Got creds for s*****t account, have done extra enum with it, but nothing usable came out of it yet. Probably overlooking something, again…
Nice box
I’m off to bed now. God luck to you!
I’m stucked here too. I tried connecting to the shares (with this creds) but nothing useful info.
Got creds for s*****t account, have done extra enum with it, but nothing usable came out of it yet. Probably overlooking something, again…
Nice box
I’m off to bed now. God luck to you!
I’m stucked here too. I tried connecting to the shares (with this creds) but nothing useful info.
Same. Cannot find a place to use these creds… Taking a break from it for tonight.
Rooted! Really cool box, one of the easier of the “hard” ones I would say. Although getting from user1->user2 in the enumeration phase tripped me up a bit.