Official SneakyMailer Discussion

Cannot ping this box any other… is it just me or you guys having issues as well?

Spoiler Removed

Spoiler Removed

Edit:

Sorry for the spoiler guys =D

interesting challenge

Whoever is killing the vhost we need talk to in order to advance, could you restrict your gobuster threads or whatever is causing this DoS to a more appropriate amount? thx in advance!

I’m struggling with the initial foothold so I’m either down a rabbit hole or I’m over complicating things (or both). If anyone is willing to share some hints send me a message and I’ll let you know what I’ve tried so far and you can have a good laugh.

Type your comment> @sloth1985 said:

I’m struggling with the initial foothold so I’m either down a rabbit hole or I’m over complicating things (or both). If anyone is willing to share some hints send me a message and I’ll let you know what I’ve tried so far and you can have a good laugh.

You have some emails… you can see some protocols related to mail server… you have certainly some tools to use them both ?.. and listen the result!!

Struggling with initial foothold.
I know I have to cook fish
I can send test messages to one of the user successfully (At least the response says so)

Do I need to send payload ?
What kind of payload for linux?

Am I in the right direction?

Any hints?

sometimes you catch a fish with a spear and sometimes you have to go after all thoses fishes

Struggling with user. Any suggestions or hints?

I’m hang in the initial foothold. I’m testing with ETRN command trying to catch the fish, is it the correct path or I’m overthinking as always?

Thanks

I have got the **rs and e****s and am stuck know. Need some hints, no spoilers.

Got root. Thank you @sulcud for a fun box, got to learn about some tools I hadn’t used before.

root@sneakymailer:~# id
uid=0(root) gid=0(root) groups=0(root)
root@sneakymailer:~# hostname
sneakymailer
root@sneakymailer:~# ip addr | grep 10.10.10
inet 10.10.10.197/24 brd 10.10.10.255 scope global ens160

Feel like I missed a step. Is it just a lot of enumeration for users?

Was able to login on port 1#3 got the message dedicated to the user ##ve##pper but didn’t understand the message about P#yP# . Any hints?

never mind got www-d###

I really loved how this box was built to demonstrate a realistic scenario, I also appreciated all the effort made in putting those scripts to keep the box stable.
Big up @sulcud and thanks for the box! :slight_smile:

Great box @sulcud learned a lot of new techniques. Was really impressed with the enumeration needed to get a foothold. One of the first boxes I have ever seen use that technique.

Hint: Look at the box profile image and think like an attacker

sneakymailer
uid=0(root) gid=0(root) groups=0(root) 

Great Box, learned new things!
root@sneakymailer:~# id
id
uid=0(root) gid=0(root) groups=0(root)

Finally rooted!!!
Nice box, If anyone need a nudge, PM

Type your comment> @GH057404 said:

Struggling with user. Any suggestions or hints?

Finally rooted. root part was so easy when considering the initial foothold and user part

thanks @schizo for the hints