No but I’ve seen it happen. The display is not showing as normal but that shouldn’t be an issue. Try backspacing a few times to make sure it hasn’t carried across extra characters.
That was a really good box. Not sure why I’ve seen some comments bitching about it being CTFish, there was literally nothing remotely CTF about it. If that was your conclusion you missed steps or didn’t understand what you were doing or why.
I effing hated the foothold while I was doing it, but it’s only because I was too dumb to know a better way to do it, so this box really hammered some important things home.
A little guidance in order to become user 1000? I’m stuck on my t****t user shell
use the information you have (hopefully) gathered along the way – the information is there if you have done all the enumeration that you should have… keep searching! what you need is available if you look at what you have access to…
I found the t*****-***.ml file and I’ve got the man but i cant find a way to get the shell or any other thing.
This is my first box so any help would be appreciated.
Done it, learnt a few interesting things.
Foothold: someone says is ctfy, someone not…well, I think it depends a lot on your mindset. If you are one who thinks that an easy machine should spoonfeed everything to go ahead, then yes, you can think it’s ctf.
If you think that a machine, whatever level should be, must drive you in a learning path, then it is not at all.
User: wysiwyg
Root: i literally spent hours trying to understand why i was failing despite doing exactly what was needed…then eventually i discovered that gaining a working shell sometimes is not enough…
Get the shell as user t*****t but from here, don’t see any direction to find the user flag.
find all file that user have access, but just don’t get how to do this.
Any help will be nice
Well, Foothold wasn’t that easy to me, I think it’s difficult to guess and to deal with that service to do what you want to do. The rest, pretty straight forward.
Foothold: my hint is, try to read that file exploiting that L** vuln. Then you just have to use what you got, and read the service docs; using GUI is not always the best way to upload thinks, you can use other Terminal tools.
User: just enum, begin always near were you start, and look for files that you can read (can you?)
Root: well, It was new to me, so I had to spend long time checking l****um and other tools output… you need to know “who you are”, and then check what can you do with that at Google; you will found a POC to exploit that easily. This part is hard when you use free labs
Get the shell as user t*****t but from here, don’t see any direction to find the user flag.
find all file that user have access, but just don’t get how to do this.
Any help will be nice
Have you identified the the username on the system you are trying to compromise? If so, then Google is your friend – search how to use the ‘find’ command to search the system for files owned by that user, and dig deeper… “the answer is out there, Neo, and it’s looking for you, and it will find you if you want it to…” (no - that’s not a hint or a nudge…)
Get the shell as user t*****t but from here, don’t see any direction to find the user flag.
find all file that user have access, but just don’t get how to do this.
Any help will be nice
Have you identified the the username on the system you are trying to compromise? If so, then Google is your friend – search how to use the ‘find’ command to search the system for files owned by that user, and dig deeper… “the answer is out there, Neo, and it’s looking for you, and it will find you if you want it to…” (no - that’s not a hint or a nudge…)
Get the shell as user t*****t but from here, don’t see any direction to find the user flag.
find all file that user have access, but just don’t get how to do this.
Any help will be nice
Have you identified the the username on the system you are trying to compromise? If so, then Google is your friend – search how to use the ‘find’ command to search the system for files owned by that user, and dig deeper… “the answer is out there, Neo, and it’s looking for you, and it will find you if you want it to…” (no - that’s not a hint or a nudge…)
Thanks,
How i was stupid
We are never stupid… just stumped sometimes… it’s easy to NOT SEE what is right in front of you… in the past, when I was stumped while working on a project, I would go explain to someone what I was doing and where I was stuck, and usually just talking through it to someone else (who didn’t have to be knowledgeable with the subject matter, in fact better if not) would open my mind to what I was missing…