Poison

Got it… Thanks to everyone who helps… It really pays to stop and think about what the service is doing and how you could connect and even how that works! I overthought certain things including the solution. I had all the puzzle pieces and kept trying to jam in the wrong one.

Can someone with ssh root access reset the ---- (Avoiding spoilers) service you use to connect to root? It’s locked out because of too many tries, and it has been reset already today, (Free-EU server), I suspect someone is trying to brute-force the service, and fucking us over by doing it :confused:

ROOTED! That machine should be Normal rank at least. Learned many things Haven’t thought before and actually needed to think as the way the user does. COOL!!

@ronylev said:
Can someone with ssh root access reset the ---- (Avoiding spoilers) service you use to connect to root? It’s locked out because of too many tries, and it has been reset already today, (Free-EU server), I suspect someone is trying to brute-force the service, and fucking us over by doing it :confused:

Hay , buddy. I’ll reset this machine for you. Are there?

@st4rry said:

@ronylev said:
Can someone with ssh root access reset the ---- (Avoiding spoilers) service you use to connect to root? It’s locked out because of too many tries, and it has been reset already today, (Free-EU server), I suspect someone is trying to brute-force the service, and fucking us over by doing it :confused:

Hay , buddy. I’ll reset this machine for you. Are there?

Yeah thanks

I am killing myself here - I’m reading all these comments, without saying to much can someone PM me some ideas on what I am looking for when it comes to root. I can the zip, but enumerating the sh*t out of this thing and cannot see this “service”

@UN1X00 said:
I am killing myself here - I’m reading all these comments, without saying to much can someone PM me some ideas on what I am looking for when it comes to root. I can the zip, but enumerating the sh*t out of this thing and cannot see this “service”

Have you unzipped ? Did you see the interesting service when you check running services as root?

@st4rry said:

@UN1X00 said:
I am killing myself here - I’m reading all these comments, without saying to much can someone PM me some ideas on what I am looking for when it comes to root. I can the zip, but enumerating the sh*t out of this thing and cannot see this “service”

Have you unzipped ? Did you see the interesting service when you check running services as root?

Yes. I have unzipped - not sure what the interesting service is.

@UN1X00 said:

@st4rry said:

@UN1X00 said:
I am killing myself here - I’m reading all these comments, without saying to much can someone PM me some ideas on what I am looking for when it comes to root. I can the zip, but enumerating the sh*t out of this thing and cannot see this “service”

Have you unzipped ? Did you see the interesting service when you check running services as root?

Yes. I have unzipped - not sure what the interesting service is.

Okay - I had found the service, just needed telling It was the correct one.

Spoiler Removed - Arrexel

Welp got over the last one but when I connect I only get a grey screen with a cross crosser, advice?

@capnspacehook said:
I got user on the box awhile ago, sat down yesterday and rooted it after I realized how you’re supposed to root it. I’m available for a PM, but here’s some free tips:

  • Don’t overthink the zip file. Unzipping it should be easy, and it’s use will become apparent later.
  • If you do the normal Linux enumeration stuff, you should see something juicy you can use right away. How to use it is the challenge :wink:

I cant seem to unzip the zip file? I am not prompted for a password and -p flag does not work. Any help?

Hi guys!

I got the user.txt and now I am working on the privesc part. Already found the service, managed to set up tunnel, but I have no idea about the pass i should be using for the connection. Tried the ssh pass already, did not work for me. Unzipped the secret, but its not readable by humans… Am I missing something? Need help!

@voidhofer said:
Hi guys!

I got the user.txt and now I am working on the privesc part. Already found the service, managed to set up tunnel, but I have no idea about the pass i should be using for the connection. Tried the ssh pass already, did not work for me. Unzipped the secret, but its not readable by humans… Am I missing something? Need help!

Think about how a file could be used aside from being read.

@ronylev said:
Welp got over the last one but when I connect I only get a grey screen with a cross crosser, advice?

I can only say you’re in the right direction, but you included an extra step that got you that grey screen. Take a moment to plot out the process of where you’re trying to get and how.

@MisterR said:
I cant seem to unzip the zip file? I am not prompted for a password and -p flag does not work. Any help?

Try bringing it to your local machine first.

@MisterR said:

@capnspacehook said:
I got user on the box awhile ago, sat down yesterday and rooted it after I realized how you’re supposed to root it. I’m available for a PM, but here’s some free tips:

  • Don’t overthink the zip file. Unzipping it should be easy, and it’s use will become apparent later.
  • If you do the normal Linux enumeration stuff, you should see something juicy you can use right away. How to use it is the challenge :wink:

I cant seem to unzip the zip file? I am not prompted for a password and -p flag does not work. Any help?

Never mind, I copied the zip file to my machine and extracted it locally. x.x worked instantly

I been thinking about this file for hours, still have no idea what to do with it. Tried to use it as private key, did not work. Tried to decrypt, tried to run. Nothing worked. More hint would be great!

Hi guys!
I think I have understood the usage of the unzipped file.
Anyway, I can’t connect to the service : “Authentication failed”. Can anyone help me?

I already reset the machine.

Thank you in advance!

@voidhofer said:
I been thinking about this file for hours, still have no idea what to do with it. Tried to use it as private key, did not work. Tried to decrypt, tried to run. Nothing worked. More hint would be great!

Enumerate the system and look at the services ran by root. How could you use that file with a service? Do some “digging” as mentioned earlier.

@0xD3adC0d3 said:
Hi guys!
I think I have understood the usage of the unzipped file.
Anyway, I can’t connect to the service : “Authentication failed”. Can anyone help me?

I already reset the machine.

Thank you in advance!

If it says it failed too many times, it’ll need a reset. If not, then you’re not connecting the correct way or using incorrect syntax. Draw it out as to how you are connecting and how it works.

Need a nudge on this one. I’ve got rce, can read some files on the system. Have a few creds, i think i found where to use one set but cannot get output back once i authenticate.