Traceback

Rooted, very fun box for a beginner like me.
Thank you Xh4H!!!

Init: You can’t be lazy enough with google
User: Enum, see what you are allowed to do, and learn a new language (at least for me)
Root: This was really fun, backups are important to not spoil the game.

PM me, if you need a nudge

Good box but it is laggy as ■■■■.

This was a nice and quick box to work on. Google-fu, history, and peas helped me to escalate my way to root.

Hi,

I can use some help with priv esc to root.

So far I have the following (I hope I don’t give too much)

I have access to the box as SA user. I have found an interesting process with accompanying files that I can write to. The problem, for example when I edit a file and execute it manually, I have Code execution (ping & shell)

Only thing that I run into now is that the process doesn’t trigger my code, logically the process only uses cp.

But now the 1 million dollar question, how to proceed from this point. Am I missing something, am I completely wrong?

So I hope someone will share the thought process with me and help me further.

User was a breeze, all you need to do is already mentioned in there. Root is a bit tricky, a quick 2 steps process. And I had to experiment with different reverse shells to get it to work. Learned a thing or two. Thanks to the author(s).

Just managed root. Have to say, not really a fan of foothold, but hey, it’s a different concept from what I’m used to and this isn’t real life anyway, so it’s whatever. Getting both user and root were interesting tricks to add to my arsenal; I was a little scared when going for root because I thought I was gonna screw up the box for everyone else, but I realized that’s not really possible. PM me with questions. Happy to help!

rooted !!
it was a wonderful machine

i was stuck in root part but i figured it out at last.

hint:
root: after writing on the changing file … just try to enter from another port. time is the key.

I got the backdoor, but don’t know where to search for user

User and Root!
God this was hard for me personally, because I just started with trying to do ctf’s so I can have some kind of skill in life.

Hints:

USER: Google is your friend and you can always make locks and keys.

ROOT: Google is your friend and timing is very important.

User + Root
All hints & info PLUS extra to gain user and root are included in this thread. Take the time to research, I will not provide as it would just be regurgitating, take the time to invest in reading this thread and performing the necessary search engine to gain accesses. If you don’t know something - research. record all hints provided and build a playbook, you will combine and learn all angles. Enjoy as I did!

Thanks Xh4H!

Hi everyone. I got root on this box but unable to submit the flag. . it says flag is incorrect. i tried resetting the box. but its still the same.
i am unable to submit both user and root flags.

Finally Rooted… thanks a lot @segsalvaje and @TazWake

Awesome box

Super good intro box for new users, covers a lot of techniques. Getting root flag was interesting, I got it without elevating to root user. PM for tips

Late to the party but rooted!

rooted …pm me for nudges

Finally! Had a headache on the root part since I’m pretty new to this kind of stuff…

Seeing everybody claiming it was an easy box makes me wondering something about the root part: Is it a well-known vulnerability on that particular process? Or is it that easy because of a classic walkthrough?

Cheers to @Xh4H for the work and @TazWake for the hints. I feel like learning thousands of new tricks and stuff per day and it feels sooo good

Rooted. question : did somebody succeed to have a reverse shell under root? nxxxxx was missing a intesresting option that is often used. the hash could also be received by feeding interesting files to the cat…

Rooted!!!
ping me for any hints and tips

nice box, i know im late but as a newbee for me this is just the beginning :slight_smile: this box was easy for the fact that i knew what the path was, but figuring out how things work took me some time… like to look for the right php or message was clear, but how to seek, finding and using it was another thing. but with fast fingers i got a root shell :slight_smile: