Official Academy Discussion

Rooted !

Straightforward box, that’s a nice training for beginners :).
PM if needed !

Type your comment> @DavidWaugh said:

Struggling to make progress. Ive tried sql injection on the webpages but made no progress. Ive run nikto and ffuf looking for subdomains. Im going to try the non webport next

some good recon got me further.

Finally rooted
i was stuck on root part, thank’s to @Zweeden
this box is really fun , good job @egre55 @mrb3n
PM if you want some help

Can someone give me a nudge? I’m enumerating for like 2 hours but still nothing.

I’m stuck after get admin page and found the hidden place, any nudges?

Anyone done initial foothold exploit manually? I’m trying to do it with curl but no luck

Could anyone please PM me hint for user? I looked at a lot of things, but no luck. Thanks :slight_smile:

@graphex i will PM you

Could anyone please PM me hint for Lateral movement?

@sT0wn check PM …

Rooted! If you need help you can PM me!

Well I graduated with root level honors.

Foothold: I looked over something very simple whislt trying to break into the machine, posting stuff around without checking is never the right way of doing things…

User: Not too difficult here, enumerate and use your google fu to get you by. GREP helped me a lot here.

Root: Possibly the easiest part of the machine if you picked up on something interesting while enumerating.

Hello can anyone PM me.? I’m stuck after getting the foothold. Currently trying to get the user credentials.

@SovietBeast said:
Anyone done initial foothold exploit manually? I’m trying to do it with curl but no luck

PM’ing you now

Got initial foothold, that was quite fun, definitely managed to get it by learning my lesson from my previous machine :slight_smile:

Just rooted.
I have very little xp, but this is one of the most enjoyable machine so far.
Thanks @mrb3n and @egre55!
I can understand why people more experienced than me rated this easy.
For me was just in reach, after i stretched all myself :smiley:
That was so much fun.

Just out of curiosity, can someone explain me what I saw during lateral movement?
That thing catches your eyes but I don’t understand it.

PM me for nudges!

Got user! That was fun, now going to try getting root :slight_smile:

Was going back to the thing found during “lateral movement” and the thing is not there anymore. Can someone who already went over that point check it up, please? I dont know if something was messed up before of after i got that thing

@oceans11 said:
Was going back to the thing found during “lateral movement” and the thing is not there anymore. Can someone who already went over that point check it up, please? I dont know if something was messed up before of after i got that thing

Whatever “thing” you mean (probably a script) was likely put there from a fellow user. People sometimes don’t use the /tmp directory so you’ll find various recon/enumeration scripts, executables, etc. lying around sometimes, particularly in home directories.

@Aelarion I PM’d you