Official Ready Discussion

I’ve got user and r_p. Don’t know where to use it. Can anyone help me with further steps

@thePr0fessor said:

I’ve got user and r_p. Don’t know where to use it. Can anyone help me with further steps

I am not sure what r_p is.

If you have the user flag, privesc is largely enumeration.

Type your comment> @TazWake said:

@thePr0fessor said:

I’ve got user and r_p. Don’t know where to use it. Can anyone help me with further steps

I am not sure what r_p is.

If you have the user flag, privesc is largely enumeration.

I think we’re on the same page, stuck on privesc. Hes referring to the /r***_p*** file.

need help as well,
I used a public exploit for the foothold, shell prompts for g** user, is this the right path? i managed to came across with the //b** directory, my gut says this is the right path to privesc however no idea how to use these information. can someone confirm this?

@bigoteman said:

Type your comment> @TazWake said:

@thePr0fessor said:

I’ve got user and r_p. Don’t know where to use it. Can anyone help me with further steps

I am not sure what r_p is.

If you have the user flag, privesc is largely enumeration.

I think we’re on the same page, stuck on privesc. Hes referring to the /r***_p*** file.

I suspect that is a rabbit hole.

need help as well,
I used a public exploit for the foothold, shell prompts for g** user, is this the right path? i managed to came across with the //b** directory, my gut says this is the right path to privesc however no idea how to use these information. can someone confirm this?

Yes, that is the right path. If you read through it, you will have an idea what to do.

If you have shell as the g** user you are on the right path. Next, enumerate to find something which will help you switch to a more powerful user. E.g. do any config files contain a credential you could use?

Type your comment> @TazWake said:

@bigoteman said:

Type your comment> @TazWake said:

@thePr0fessor said:

I’ve got user and r_p. Don’t know where to use it. Can anyone help me with further steps

I am not sure what r_p is.

If you have the user flag, privesc is largely enumeration.

I think we’re on the same page, stuck on privesc. Hes referring to the /r***_p*** file.

I suspect that is a rabbit hole.

need help as well,
I used a public exploit for the foothold, shell prompts for g** user, is this the right path? i managed to came across with the //b** directory, my gut says this is the right path to privesc however no idea how to use these information. can someone confirm this?

Yes, that is the right path. If you read through it, you will have an idea what to do.

yup its a rabbit hole --___–. got root! thank you!

@camk said:
If you have shell as the g** user you are on the right path. Next, enumerate to find something which will help you switch to a more powerful user. E.g. do any config files contain a credential you could use?

Thank you for the tip! :wink:

Type your comment> @bigoteman said:

Type your comment> @TazWake said:

@bigoteman said:

Type your comment> @TazWake said:

@thePr0fessor said:

I’ve got user and r_p. Don’t know where to use it. Can anyone help me with further steps

I am not sure what r_p is.

If you have the user flag, privesc is largely enumeration.

I think we’re on the same page, stuck on privesc. Hes referring to the /r***_p*** file.

I suspect that is a rabbit hole.

need help as well,
I used a public exploit for the foothold, shell prompts for g** user, is this the right path? i managed to came across with the //b** directory, my gut says this is the right path to privesc however no idea how to use these information. can someone confirm this?

Yes, that is the right path. If you read through it, you will have an idea what to do.

yup its a rabbit hole --___–. got root! thank you!

@camk said:
If you have shell as the g** user you are on the right path. Next, enumerate to find something which will help you switch to a more powerful user. E.g. do any config files contain a credential you could use?

Thank you for the tip! :wink:

Got root. have no idea about escaping maybe a nudge would help

@thePr0fessor said:

Got root. have no idea about escaping maybe a nudge would help

Escape the thing you are in.

i’m having trouble with user, i have g** user shell, but enumeration feels endless, i’m not finding anything useful :confused: any help?

@ShadowSuave said:

i’m having trouble with user, i have g** user shell, but enumeration feels endless, i’m not finding anything useful :confused: any help?

Its worth looking for an optional folder which isn’t normally on a system. Look inside it.

Can anyone help me figure out how to escape? i’m assuming i need to use a certain password to su but i’m really struggling to get a tty. this isn’t something i’ve done before so i might be missing something obvious but all the techniques i’ve come across aren’t installed on the box. Can anyone give me an idea about what i should be looking into?

@Arty0m said:

Can anyone help me figure out how to escape? i’m assuming i need to use a certain password to su but i’m really struggling to get a tty. this isn’t something i’ve done before so i might be missing something obvious but all the techniques i’ve come across aren’t installed on the box. Can anyone give me an idea about what i should be looking into?

They might be installed on the box.

Hello all. I am rooted in the D***** C********, however, all the exploits I have found point to use C code. It doesnt have gcc or make in the C********. Any tips?

Simple movement here
Foothold: what is that on that high port and find yourself exploit for it
root: Dig thru files try everything juicy in them to escalate then basic escape done.

@ealcorey4 said:

Hello all. I am rooted in the D***** C********, however, all the exploits I have found point to use C code. It doesnt have gcc or make in the C********. Any tips?

You dont need to build anything for this privesc.

ROOTED. Easier than Laboratory.
Write me for nudges!

Rooted, thanks to the valuable tips on this post.

My biggest struggle was to obtain a stable shell that allowed me to switch user
(script -c “/bin/bash -i” /dev/null worked out)

Hello, it is my first box and I am struggling a lot to find a way to have a shell. I found on Google how to exploit it. I found 2 differents scripts which are working. Nothing happen on my nc console when the script succeed ! I dont know what is wrong !!! Does somebody already have this ? If someone can help me PM me please. Thanks and a happy new year to everybody !!!

Type your comment> @busshi said:

Hello, it is my first box and I am struggling a lot to find a way to have a shell. I found on Google how to exploit it. I found 2 differents scripts which are working. Nothing happen on my nc console when the script succeed ! I dont know what is wrong !!! Does somebody already have this ? If someone can help me PM me please. Thanks and a happy new year to everybody !!!

Hi, I found 3 scripts but none of them worked without some modifications (including bugs). Have you checked the payload to get the shell is correctly delivered? if you need more concrete help just dm me.

Pwned machine! yeah!

hint:
root: grepping hard
web: check google for vulnerability.