I got user at this point, and I think I found what I need to know for root, but based on what I found and how it can be used, it got me all confused…can someone help and put me in the right track?
I got user at this point, and I think I found what I need to know for root, but based on what I found and how it can be used, it got me all confused…can someone help and put me in the right track?
Difficult to not spoil, but if it is writable, write to it.
Hi everyone, ive been looking for a CVE but there so many that i cant tell what to use. Any help? please
I had the same problem initially but if you look at how they have patched these types of vulnerabilities you can use that knowledge to find the correct one by automation. It really makes the needle stand out from the haystack.
Some people said this box is easy but honestly, when you never had to exploit that kind of vulnerability, it’s kind of a nightmare. I spent hours and hours reading articles and watching videos, trying to get my head around it, plus… Java… and in the end that was a little push from @TazWake that helped me enough to get a shell. But, yeah, if you struggle, that’s okay, lots of new things here and you might catch a lot of fishes before grabbing the good one. Good box overall, and root part was just a matter of paying attention.
I also don’t know why people said to look at the newest CVE, it seems very misleading, unless there are several ways to do it, in case I’d be happy if someone could give me a link with explanations
Thanks @egotisticalSW & @felamos !
Rooted!
I highly recommend this box for beginners, especially the privilege escalation part.
User: Google-fu
ROOT: that’s easy, you got this.
PM me for a nudge. But first tell me what you’ve tried.
I went down the rabbit hole. Spent two whole days researching articles on a specific type of vulnerability as this is my first exposure to it. I reset this morning and took a step back. I get certain errors but don’t know what to do with them, the google-fu that everyone expects is subjective and it leads me back to the same articles I was researching for two days. No bueno.