Official Blunder Discussion

Rooted this box a few days ago! Thought it was quite a fun one. I thought that some parts were a bit CTF-y, but if you have some experience with HTB boxes, nothing should be too surprising.

The thread already contains many good hints, I can basically only reiterate what was already said:

Foothold

  • Be sure to thoroughly enumerate the box and keep track of all the info you find
  • The usual password lists won’t get you far. Make your own one. There’s a cool tool that can do that for you.
  • Look up publicly known exploits - don’t use M…sp…t, from what I gather, the manual way is actually easier and it’s quite well documented

User

  • Once you’re on the box, enumerate again
  • Look up what other services are installed on the box
  • Again, usual password lists won’t get you far, but there’s a station online that can help you crack what you find in seconds

Root

  • Don’t think too far/too complicated. Don’t fall into rabbit holes.
  • Check out what you are allowed to do. That should be one of your standard steps anyway.
  • You might notice something strange… search for that online and you’re basically there.

If anybody needs some help, feel free to drop me a PM. Happy to help, but I’m not online a lot here at the moment :slight_smile: