Magic

Rooted.

Type your comment> @trevorphillips said:

I was able to read the root flag with cat in my impostor file, but trying to set up /bin/bash would result in a root shell echoing back my commands to me:

root@ubuntu:/root# whoami
whoami

Anyone could explain?

@trevorphillips
I had this same thing occur. I think this has to do with losing stdout somehow.
At one point, after moving directories it seemed like i re-gained stdout… but couldn’t reproduce.
i found that redirecting stdout to stderr via 1>&2 at the end of my command worked. I don’t know why exactly.

ie. whoami 1>&2
would also give me output … give it a try.

Got this thing rooted.
Special thanks to @ssMiles and @Nicolasmira101 for helping nudge me along.

Hi guys, I rooted this box, but still need help. I have found something interesting in login form with wfuzz but still can’t do the same with ****ap, does anybody help me with it’s options?

Rooted the box a 2 days ago thanks @Harbard for the nudges for root, cool box learned some new stuff. PM me for nudges.

Rooted, it was a nice box and learnt some new stuff on the way to root wich is something good :smile:

some hints… (tho i think everything has allready been hinted, but anyway)

for Foothold
enum and then its pretty straight forward, an old way i have been without using effectively for a long time and its the first thing you usually try (surprised it worked tho hehe)

for user
It was a good reminder that there are things you can do/see even if you cannot directly access to what you want devil is in the details

for root
Lead it where you want it to go and benefit from it

Hope that helps someone without spoiling the fun

thanks @TRX for the box :wink:

Could anyone drop me a nudge for root?
I have been monitoring processes but it just showing the zoneinfo thing.
Also have tried to exploit the suid bin s*****o.

Type your comment> @3xxu5 said:

Any advice on getting a shell? Got RCE but haven’t been able to establish a shell. Tried a php one liner, python, /bin/sh etc. Listed the whole file system & saw an interesting .p**5 doc but is empty when accessing via url.

try going full on pure php, and for running the commands with the rce i would recommend using burp, easier to track the commands and if something drops you have the repeater to get it back fast

love the fact my badge keeps my last photo

how to get reverse connect.when i use python3 script then i’m always connect with local host.

got root. Learned quite a bunch about s**d in this. I do have a question tho; the shell I got was not outputting anything whatsoever. I’m trying to understand why. My C is pretty limited and I was basically calling system to get my shell.

Got root. Easy box, but user part gives some new tools in my baggage.

got root! first box that I didn’t use any nudges!
super fun box, I’ve been wanting to use that foothold exploit for a while.
PM for nudges

I got root shell, but when i type a command, such as ls, there is no output?? anyone else had this or did i miss something

edit:

just sent myself the bash shell to my local and got it

good box, thanks!

after some time i finally got root. I have to say that reading this thread helped me a lot for root!

Rooted. Another fun box! PM if you need a nudge.

I understand how to root the box, but for some reason it doesn’t seem to want to play nice. Got user, understand the root vulnerability, but for some reason when I run insert something I would run nothing pops up on inserts elsewhere something would pop up on. Any advice? This is probably my weakest subject in terms of exploits/vulnerabilities so I need to do read up a little more. Maybe you can PM me to compare commands to make sure I have a grasp on things, or if someone is just messing the box up. Thanks!

rooted the machine. definitely learnt something new this time. thanks for the box @TRX ! feel free to dm me if you get stuck

@zgordon96 said:

I understand how to root the box, but for some reason it doesn’t seem to want to play nice. Got user, understand the root vulnerability, but for some reason when I run insert something I would run nothing pops up on inserts elsewhere something would pop up on. Any advice? This is probably my weakest subject in terms of exploits/vulnerabilities so I need to do read up a little more. Maybe you can PM me to compare commands to make sure I have a grasp on things, or if someone is just messing the box up. Thanks!

Happy to help if you are still stuck.

Type your comment> @Dark0 said:

rooted. Box easily but very fun. If you need a hint can ask me

Hey can you please give me a nudge on Root…
I used a popular Enumeration tool but I couldn’t just get it.
can I PM u?

Ah. finally got time to finish this off.

Learnt alot of this. Thanks alot to the creators.

PM me if you need a nudge.