rooted! If anyone need help just DM
TambiƩn en espaƱol
Root it thanks for @ka1z3n for help
Admirer done. Really enjoyed this. A good logical path through to user with some rabbit holes along the way for good measure. Root was easier and good example of a technique I was aware of, but have never done before. Thanks to @GibParadox & @polarbearer
As others have said read everything and try to understand what it is telling you. Learnt how to better use tools I knew and some I didnāt.
Happy to provide nudges. Feel free to PM.
Finally rooted this machine
Thanks @mervan and @hughesdg for the final nudge
It was fun and a logical machine foothold was frustrating but once you understand, it becomes easy
Foothold:look at what robots have to say. Go to the place they point and enumerate and enumerate till you reach the gate,
User : Read the file which you visited at the very beginning and that has the necessary thing, use that to get inside the machine
Root : Past is the answer to your problem.
PM if you need help
Why does it keep saying my root and user hashes are incorrect
Type your comment> @sudozeus said:
Why does it keep saying my root and user hashes are incorrect
You donāt need any hashes to get user or root.
Type your comment> @ion0x0 said:
Type your comment> @sudozeus said:
Why does it keep saying my root and user hashes are incorrect
You donāt need any hashes to get user or root.
No i got root and user and the .txt flags wont submit
I think user.txt and root.txt change on every box start
Type your comment> @sudozeus said:
Type your comment> @ion0x0 said:
Type your comment> @sudozeus said:
Why does it keep saying my root and user hashes are incorrect
You donāt need any hashes to get user or root.
No i got root and user and the .txt flags wont submit
You mean flags? Okay. You need to get through all the way one more time and submit the flags once you get them.
Today I learned that p***** m***** i***rt can be used for privesc and my mind went BOOM!
canāt i find creds file, what wordlist is correct for to find file ?
Type your comment> @mrf4thack said:
canāt i find creds file, what wordlist is correct for to find file ?
Normal wordlists will get it. version b.c
Type your comment> @Karthik0x00 said:
Type your comment> @mrf4thack said:
canāt i find creds file, what wordlist is correct for to find file ?
Normal wordlists will get it. version b.c
nothing yetā¦
I canāt find the login page.
Finally got rootā¦ this box took me a loooong time to get and I needed a lot of hints which I took from this thread. In retrospect I overlooked a few obvious things early on which slowed me down and caused me no end of frustration when I couldnāt even find a breadcrumb to the foothold, and there are definitely a lot of red herrings with all the credentials you can find in various placesā¦ getting user was pretty easy once I figured that out.
Honestly though I think the root priv esc was the most annoying thing about this box. For sure, now that I know the method, I think itās very interesting, but unless you happen to be a fairly competent p***** dev, I think itās very esoteric, and not at all obvious from looking at the files that there might be an exploit there. I wasted literally days stuffing around with cbs and ev to no avail. In the end, it was only that someone else left a file lying around in the home directory which pointed me in the right direction.
Still, Some good lessons were learned.
Rooted. I spent a few days with this box. There were definitely some aspects that, looking back, I over complicated. One of the tough parts is that thereās a lot of white noise. Youāre giving a lot of data that you can, ostensibly, exploit but it doesnāt pan out.
My one real hint is for root. The vector was obvious to me, but I botched setting it up hard and it cost me hours of pain. Donāt set snake paths only locally.
DM me if you need a nudge or to talk out a vector.
Thank you @polarbearer and @GibParadox for the box!
finally rooted! I struggled most with the initial enumeration mostly bc I just got impatient and frustrated. user was fun and interesting, took me a couple nudges to find the page. I had the most fun with root, very interesting exploit. I will be making sure I never make that mistake when Iām programming lol.
PM for nudges
A tricky box, but learnt new things from it. Enum is great, just avoid rabbit holes and read carefully for hints. Google-fu for exploits, if needed, and youāll have root in no timeā¦ Sadly it took me a bit of time though.
Ok i,m Stuck and need a push in right direction.
Currently trying to find the login page.
Type your comment> @cycloneripper said:
Ok i,m Stuck and need a push in right direction.
Currently trying to find the login page.
There are a ton of hints on this post regarding that question. You said you are trying to find something. How are you searching? What have you done?