Official Tabby Discussion

@nubie1989 said:

@p3r14n3gr4 said:

@nubie1989 said:
I’m new in this (not very). just a hint, where to look? No big hints… just a guidance will do. Thanks in advance.

news

can’t parse xml…

Any idea why not?

@zaaza said:

for the privsec section I got this error when I run the final command l*c e**c **** /bin/sh

~ # ;5R;5Rid
;5R;5Rid
/bin/sh: syntax error: unexpected “;”

is this normal ???

No but I’ve seen it happen. The display is not showing as normal but that shouldn’t be an issue. Try backspacing a few times to make sure it hasn’t carried across extra characters.

A little guidance in order to become user 1000? I’m stuck on my t****t user shell

@TazWake said:

@nubie1989 said:

@p3r14n3gr4 said:

@nubie1989 said:
I’m new in this (not very). just a hint, where to look? No big hints… just a guidance will do. Thanks in advance.

news

can’t parse xml…

Any idea why not?

because I can’t find this bitc* file. It’s not in et*/***/***xml

@nubie1989 said:

because I can’t find this bitc* file. It’s not in et*/***/***xml

Ok, that’s a different problem than parsing the XML though :smile:

The main thing I can suggest is to try fuzzing for possible locations. You have a few paths, so maybe try combining them a little bit.

That was a really good box. Not sure why I’ve seen some comments bitching about it being CTFish, there was literally nothing remotely CTF about it. If that was your conclusion you missed steps or didn’t understand what you were doing or why.

I effing hated the foothold while I was doing it, but it’s only because I was too dumb to know a better way to do it, so this box really hammered some important things home.

Rooted! What a journey. Fun to do, but the foothold was annoying.

@p3r14n3gr4 said:

A little guidance in order to become user 1000? I’m stuck on my t****t user shell

use the information you have (hopefully) gathered along the way – the information is there if you have done all the enumeration that you should have… keep searching! what you need is available if you look at what you have access to…

It was annoying reading posts about how easy people found the last stage as I ran into error after error and spent ages getting nowhere.

Root:
If it’s not finding a file in the same folder, just go home and do it all from there.

BTW. Whoever said hello in /tmp… made me smile so thanks LOL

@thegingerninja said:

It was annoying reading posts about how easy people found the last stage as I ran into error after error and spent ages getting nowhere.

Root:
If it’s not finding a file in the same folder, just go home and do it all from there.

BTW. Whoever said hello in /tmp… made me smile so thanks LOL

hello

I found the t*****-***.ml file and I’ve got the man but I can’t find a way to get the shell or any other thing.
This is my first box so any help would be appreciated.

@Nihack said:

Stuck after getting the shell, any hint that gives me an idea of what file I should look for? Spent hours browsing the whole machine xD

Try to search for a file written by the user

@0xstain said:

@Nihack said:

Stuck after getting the shell, any hint that gives me an idea of what file I should look for? Spent hours browsing the whole machine xD

Try to search for a file written by the user

The file which needs some hammering on it. Enumerate the entire dir which you get while landing your initial shell. Remember the user is lazy.

Rooted, thx for box

PM for nudge.

Done it, learnt a few interesting things.
Foothold: someone says it’s ctfy, someone not… well, I think it depends a lot on your mindset. If you are one who thinks that an easy machine should spoonfeed everything to go ahead, then yes, you can think it’s ctf.
If you think that a machine, whatever level should be, must drive you in a learning path, then it is not at all.
User: wysiwyg
Root: I literally spent hours trying to understand why I was failing despite doing exactly what was needed… then eventually I discovered that gaining a working shell sometimes is not enough…

Did the priv esc, but not sure if it was the intended path because it was unintended on some other boxes

Hi,

Get the shell as user t*****t but from here, I don’t see any direction to find the user flag.
Find all files that the user has access to, but I just don’t get how to do this.
Any help will be nice

Well, Foothold wasn’t that easy for me, I think it’s difficult to guess and to deal with that service to do what you want to do. The rest, pretty straightforward.

Foothold: my hint is, try to read that file exploiting that L** vuln. Then you just have to use what you got, and read the service docs; using GUI is not always the best way to upload things, you can use other Terminal tools.

User: just enum, always begin near where you start, and look for files that you can read (can you?)

Root: well, it was new to me, so I had to spend a long time checking l****um and other tools’ output… you need to know “who you are”, and then check what you can do with that on Google; you will find a POC to exploit that easily. This part is hard when you use free labs

PM if you need some help

@GoorMoon said:

Hi,

Get the shell as user t*****t but from here, I don’t see any direction to find the user flag.
Find all files that the user has access to, but I just don’t get how to do this.
Any help will be nice

Have you identified the username on the system you are trying to compromise? If so, then Google is your friend – search how to use the ‘find’ command to search the system for files owned by that user, and dig deeper… “the answer is out there, Neo, and it’s looking for you, and it will find you if you want it to…” (no - that’s not a hint or a nudge…)

@ricm916 said:

@GoorMoon said:

Hi,

Get the shell as user t*****t but from here, I don’t see any direction to find the user flag.
Find all files that the user has access to, but I just don’t get how to do this.
Any help will be nice

Have you identified the username on the system you are trying to compromise? If so, then Google is your friend – search how to use the ‘find’ command to search the system for files owned by that user, and dig deeper… “the answer is out there, Neo, and it’s looking for you, and it will find you if you want it to…” (no - that’s not a hint or a nudge…)

Thanks,

How stupid I was :slight_smile: