There may be more than one way to root Worker and at least one requires hacking/exploitation skills
Rooted. This was really fun and taught me new things. Thanks to @Andres7ll for nudges that helped me get user because I was overcomplicating things. After that, root was a breeze. Way easier than I expected!
PM me if you need nudges or hints. I will not give you any straight answers though. I will simply point you in the right direction and help you learn as I did.
Well, Iâm probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that⌠Lost.
@melodicminor said:
Well, Iâm probably sleep deprived and over complicating this - but Id welcome a nudge on what to do with the tool once you login. I know its probably something to do with the | feature, and I assume a markup language of some sort but beyond that⌠Lost.
maybe you can get the âtoolâ to build you something âŚ
âsomethingâ that opens the door and allows you to execute commands based on the backend technologyâŚ
Might be too crypticâŚ
@acidbat not too cryptic Iâm just in a funk - Iâll come back to it in a few hours and see if I can wrap my head around it - thanks for the assist!
Iâm on that path. I think I can plumb together what I need eventually, probably just need to RTFM a little closer.
@melodicminor no worries mate.
hi guys looking for help, having the following error with a certain tool
info: Establishing connection to remote endpoint
Error: An error of type HTTPClient::ReceiveTimeoutError happened, message is execution expired
Error: Exiting with code 1
This was a really cool box and I definitely learned some new tricks. Thank you @ekenas this was well done!
DM for nudges.
i just cant get the creds out using s*n !!!1
a little assist please
@in3vitab13 said:
i just cant get the creds out using s*n !!!1
a little assist please
Revisions matter.
Type your comment> @TazWake said:
@in3vitab13 said:
i just cant get the creds out using s*n !!!1
a little assist pleaseRevisions matter.
you never fail to show me the way!
thanx my man!
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
@in3vitab13 said:
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzz
I wouldnât think of this as a âwindowsâ machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.
Type your comment> @TazWake said:
@in3vitab13 said:
ohkay this is my first windows machine, and i have no clue whatsoever
so what should i study or where should i need to look for reverse shell here?!!
a little push needed guyzzI wouldnât think of this as a âwindowsâ machine. Your attack is based on the technology stack in use and the box name is a bit of a clue. Once you log in, look for ways you can use the technology to run commands on your behalf.
ohkay m on it!!
need a little research from my sideâŚwill do it!1
Type your comment> @ins3cure said:
I would really like to kill the r******r before he kills me
Uf⌠finally got the user!
Edit again: rooted! A bit frustrating because of poor performance. But an enjoyable machine overall, and quite realistic.
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
Type your comment> @beehammer said:
Type your comment> @ins3cure said:
(Quote)
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.
The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed
Type your comment> @ekenas said:
Type your comment> @beehammer said:
Type your comment> @ins3cure said:
(Quote)
No joke on the r******r bit! Looking for any nudge in how to get around that particular hurdle. I am able to do just about everything else I need to get this thing knocked out.The r******r bit is just a necessary step to do machine cleanup. You have quite a big window to do your stuff before it kicks in. Time it well and you shall succeed
I can imagine that but it seemed to be running every 30s or so. I would upload the thing and before I could navigate to it, R would have run and it would be cleared out.
The window is 10 minutes
Type your comment> @ekenas said:
The window is 10 minutes
Not sure what was going on but after somebody reset the machine, it acted normal and I was able to complete user and root flags last night. Fun box with some unexpected direction. I did not see s********n and A**** D****s coming in the same system!