Official Tabby Discussion

Another box with a ridiculous CTF part… why do I even bother anymore

@alienum said:

only root part is easy.

? I need some tips

So I think I know what file I’m looking for (c***/*-.xml), I think I know how to get there, I’m using the default sensitive list.

Do I need to put some …/ in front or am I not correct with where I’m going?

Definitely the hardest part of this box was guessing the initial foothold piece. The rest was pretty smooth. PM if you need help

A nudge or five for foothold would be greatly appreciated in pm.

@soraa said:

I can open /e**/p**wd with the L. but can’t find the xl file :frowning:

same

The biggest push/hint I could give you is:

On your local Kali box

sudo apt-get install …

find / -iname …

???

Profit :slight_smile:

Guys, please stop resetting the box. It’s pointless…

Well, like a lot of other people on here I’m having trouble finding a certain file for the initial foothold. I’ve tried installing t****t locally as a few people have suggested and the file I am looking for is where it should be (two places in fact) but using the same path(s) on Tabby gives me nothing.

I’m a little bit stuck now.

Been trying to locate -.x* for many days now - please DM me with a small nudge

Spoiler Removed

Please do not reset the VM :frowning:

Stuck on the foothold for more than 3 hrs. Found _home and _base dir but nothing useful there. Can someone DM me a nudge?

I would appreciate a nudge to get foothold via PM.
Since release I have been stuck looking for -.xml.
All along I have been able to read /e*/p****d via n**s.**p

Paths you see everywhere all the time are most likely not to help you a huge amount when it comes to finding this.
Package maintainers. File lists. Look & you will find.

Rooted! Thanks to @Silv3rDawg23 for the nudge on foothold, which was the hardest part of this box and the most interesting.

Foothold:

It might be really hard to guess the path (although it’s easier to guess it than to enumerate it IMO). Everything you need is on the default page. All you have to do is a bit of guessing…

User:

This is pretty straight-forward. Just enumerate as usual.

Root:

Wasn’t too hard, but I was new to it. A common enum script reveals most of the needed info. After you collect that info, Google is your friend.

root@tabby:~# id; hostname;
uid=0(root) gid=0(root) groups=0(root)
tabby

I’d be happy to help someone who’s stuck :blush:

Finally rooted the box. Great box @egre55.

User wasn’t too obvious; attention to detail is key for this one. Went straight over my head and went down a fat rabbit hole, but the privesc - I was thinking to myself I’m looking forward to a privesc with this technology. It finally came, thanks makers!

Rooted. Like many others have said, the first step is tricky, but once you get beyond that it really is:

  1. Find something with very simple enumeration
  2. Google which tool or script can be used for that something you found
  3. Run the tool or script
  4. Repeat steps 1-3 until root

Feel free to PM for any nudges.