Type your comment> @Ectrix said:
Hello all. In need of some help escalating ws03. Got user and a shell but need some tips on how to progress. Thanks.
You can send me a PM if you are still stuck.
Type your comment> @Ectrix said:
Hello all. In need of some help escalating ws03. Got user and a shell but need some tips on how to progress. Thanks.
You can send me a PM if you are still stuck.
I’ve got the first 15 flags, and I just owned the machine that seems to be the intended pivot to the admin subnet based on a few hints lying around the machine, but it’s not a dual homed host or anything. I can’t ping machines in the admin subnet or load webpages in the browser from this machine. Is there more I need to do on this machine to get access to the second internal network?
Edit: Solved. Just wasn’t being stubborn enough. Thanks ST0wn.
Anyone able to lend a hand on the LFI? Not exactly sure how to get a shell from it, feel like I have tried absolutely everything and am down a rabbit hole
anyone having issues hitting the LFI? getting unable to connect
sorted, anyone give me a nudge on downloading a .zip
Type your comment> @browna351 said:
sorted, anyone give me a nudge on downloading a .zip
Maybe netcat.
Anyone able to give some hints for moving off the foothold machine? I’ve found a few things and got a few ideas but having trouble getting anything to work.
hello everyone, i feel like i’m running in circles enumerating the DC-01… i’m stuck on WS-01 and SQL-01 too, anyone has an idea on what to do?
Anyone out here who can help me out a bit on the initial foothold? Got first flag, know which user to target, got the text file, however, rockyou is not helping me out at all. Been stuck pretty long ;c
Type your comment> @Mayseve said:
Anyone out here who can help me out a bit on the initial foothold? Got first flag, know which user to target, got the text file, however, rockyou is not helping me out at all. Been stuck pretty long ;c
for a hint on foothold feel free to dm me
Anybody out there willing to give me a pointer on the foothold for DANTE-SQL1 or the box running Jenkins?
Type your comment> @f3eDme said:
hello everyone, i feel like i’m running in circles enumerating the DC-01… i’m stuck on WS-01 and SQL-01 too, anyone has an idea on what to do?
Edit: Got both DC-01 and WS-02 (mistyped the firt time) moving on to SQL-01
Anybody completed the Jenkins box? I have a hunch of what is required, however I’m not sure how to pull it off without a POC?
Have completed half the lab, so PM me if anyone needs pointers, and i may be able to help.
I’ve got everything but WS02. Based on the flag name and position in the list I have a hunch about what computer I might need to look at for a foothold on WS02, but I haven’t found a way yet. Would appreciate a hint…
Also willing to give hints on the other machines. Just PM me.
Edit: Finally got it. Thanks for feedback.
Got the 1st flag. Anyone can give me a nudge on the 2nd?I have an idea and I’m trying it, if not this, I don’t know. Can someone DM me a hint please? Thank you!
Guys, is the .100 w*******s pass changed? Cause I can’t login.
Just to give some hints like classic machine lab discussion:
Century box:
user: trust the information you have and persevere with your own content
root: enumeration scripts most likely give you the solution
Pivot: SSH and SOCKS are common tools to do this
Edit: Disregard! (Started the lab today. This was just a comment about filtered ports.)
Hi guys. I have been stuck at privesc on NIX02 from F to root for a few days now. I have identified that we must be talking about p***** lib**** h******** but I simply cannot make it work (seems like the way the script gets called does not execute the code?). I have watched all Ippsec’s videos about it and googled. Could someone please PM me a hint. Thanks
Just to give some hints like classic machine lab discussion:
NIX02:
user: somtimes read is more usefull than execute
root: read files again
Type your comment> @michael7474 said:
Just to give some hints like classic machine lab discussion:
NIX02:
user: somtimes read is more usefull than execute
root: read files again
You are right, thank you!