Official Worker Discussion

Very interesting machine, I never heard about this service, that is good, because it is now part of my check list, so thanks to @ekenas for uploading this one

My Hints

User

  • Remember that time travel is always an option
  • This step was a bit disappointing to me because the Build → Release feature was made automatically by the machine
  • Enumerate a little bit

Root

  • Maybe you can create your own… line

If this is spoiler feel free to remove it

Type your comment> @Jk3r said:

Can anybody tell what im supposed to do after i log in with n"""n ? Confused !! i need to be in the right path …

Honestly that reverse shell, a little bit and i loosed my mind

Rooted,
What a fun machine. Thank you @ekenas for creating it, awesome job :smiley:
Also a thank you to @Andres7ll for some sanity checks and subtle nudges.

Does someone have a nice article for root? Thanks!

Type your comment> @syn4ps said:

Does someone have a nice article for root? Thanks!

https://docs.microsoft.com/en-us/azure/devops/learn/git/what-is-git

nice machine, but i was disappointed because it not has erally hacking, just enum, but its so funny, the root part was pretty easy :wink: ( feel free to ask me questions )

There may be more than one way to root Worker and at least one requires hacking/exploitation skills :wink:

Rooted. This was really fun and taught me new things. Thanks to @Andres7ll for nudges that helped me get user because I was overcomplicating things. After that, root was a breeze. Way easier than I expected!

PM me if you need nudges or hints. I will not give you any straight answers though. I will simply point you in the right direction and help you learn as I did. :smile:

Well, I’m probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that… Lost.

@melodicminor said:
Well, I’m probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that… Lost.

maybe you can get the “tool” to build you something …

“something” that opens the door and allows you to execute commands based on the backend technology…

Might be too cryptic…

@acidbat not too cryptic I’m just in a funk - I’ll come back to it in a few hours and see if I can wrap my head around it - thanks for the assist!

I’m on that path. I think I can plumb together what I need eventually, probably just need to RTFM a little closer.

@melodicminor no worries mate.
:smiley:

hi guys looking for help, having the following error with a certain tool

info: Establishing connection to remote endpoint

Error: An error of type HTTPClient::ReceiveTimeoutError happened, message is execution expired

Error: Exiting with code 1

This was a really cool box and I definitely learned some new tricks. Thank you @ekenas this was well done!

DM for nudges.

i just cant get the creds out using s*n !!!1
a little assist please

@in3vitab13 said:

i just cant get the creds out using s*n !!!1
a little assist please

Revisions matter.

Type your comment> @TazWake said:

@in3vitab13 said:

i just cant get the creds out using s*n !!!1
a little assist please

Revisions matter.

you never fail to show me the way!
thanx my man!

ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz

@in3vitab13 said:

ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz

I wouldn’t think of this as a “windows” machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.

Type your comment> @TazWake said:

@in3vitab13 said:

ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz

I wouldn’t think of this as a “windows” machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.

ohkay m on it!!
need a little research from my side…will do it!1