i am stuck hard on root flag all day now…i have a shell inside b*** but seems im not as root as i thought i was. anyone care to PM me a hint? i have read all in this thread(which makes me think i should have found it ages ago lol). im sure it’s something i overlooked.
Update:
so…box was just reset…logged back in…get my shells…read a file that i swear i read before.
Got root!
I currently have a reverse shell back to my linux machine. As others have mentioned, it drops when an error occurs or I try running the obvious executables. How can I get an interactive stable shell back to my machine ? I looked online and all I found were non interactive to ineractive shells for linux based victim’s. Any suggestions or nudges would help. Thanks!
EDIT:
I was using a different version of n****t.exe and that was effing things up. Thanks for the box.
I stuck at the initial foothold. It was a long and intense struggle, but I learned a lot and finally I was able to find my way. This box was an amazing ride. Thank you 0xdf
Getting the initial foothold was the most confusing thing about this box, the user shell was comparatively easy. Tbh, I have no clue why so many people in the thread complained about unstable shells. Getting root read access was easy enough but I wanted a root shell. I even talked to a coworker because my usual tricks didn’t work out. Now it works and I’m happy
Got user, I have found a way to get root but can’t see any file. Can someone PM me to check if I am on the wrong path ? Thanks !
EDIT: Got root, learned a lot, thanks to @clmtn and to @0xdf for the box !
My feedback for areas I got stuck on (aside of my OVPN client not working and me thinking it was a flaky shell):
I got stuck on some injection right at the beginning. I sat down and wrote down what I thought was the query being executed, then wrote into that what I would do to bypass it. Copied and pasted and that worked.
Spin through Wikipedia’s page on new features to Windows 10. There are some really weird looking directories and files on the box. It should ring some bells when you see it in the Windows 10 feature listing.
When you know what you are looking for GO FIND IT.
At this point, start enumerating like you would do a new box.
Good luck!
Hey there,
I’m trying the injection route to eventually get to an initial foothold, and I did notice something after submitting a new note i.e. how the entry gets referenced to an id and ends with ". I looked online to see what that could be, either it’s a commenting out thing or something tied to php. Would you be able to provide any hints? I think I’m getting somewhere.
I’m trying the injection route to eventually get to an initial foothold, and I did notice something after submitting a new note i.e. how the entry gets referenced to an id and ends with ". I looked online to see what that could be, either it’s a commenting out thing or something tied to php. Would you be able to provide any hints? I think I’m getting somewhere.
This box retired quite some time ago. You might find it easier to look through one of the write ups to find a solution (there are a lot of write ups).