User: Google is your friend and remember older snakes are more easygoing than younger… getting the flag is easy job then
Root: use what you can find in the configs wherever you can
Sometimes the jail looks scary but you can realize that the door is not locked, don’t overcomplicate it just walk out
I have the files from the uncommon location at /.
Can someone give me a hint on how to proceed, I have encrypted as well as clear text passwords? The escape part won’t be a problem since it’s already well documented on the internet.
edit : I got root user , now on to the escape part
Foothold part was a bit hard. Had to use different exploits several times and then adjust the script for my python env (protip: adapt exploit to your needs). Priv esc was fun too. It will take some time, but it is rewarding.
Struggling on the initial shell which seems odd as I was 99.999% confident I had the right path. I just get stuck on import in progress. I assume this is the “unintended path” which got patched, so back to google…
Do we know if this path has been patched? I am having the same issue and keep getting “Import in progress” forever. Tried it through Burp as well with no luck.
Struggling on the initial shell which seems odd as I was 99.999% confident I had the right path. I just get stuck on import in progress. I assume this is the “unintended path” which got patched, so back to google…
Do we know if this path has been patched? I am having the same issue and keep getting “Import in progress” forever. Tried it through Burp as well with no luck.
Struggling on the initial shell which seems odd as I was 99.999% confident I had the right path. I just get stuck on import in progress. I assume this is the “unintended path” which got patched, so back to google…
Do we know if this path has been patched? I am having the same issue and keep getting “Import in progress” forever. Tried it through Burp as well with no luck.
I ended up using a python exploit.
Update, got user working on root. Turns out I need to get my eyes tested!
@Arty0m same… I really need to get into the habit to take proper notes and automate this stuff so I won’t push it back for “later”. Because “later” apparently means a month to me.
Anyhow, I am so glad I didn’t go through the effort to read up on, compile and run l**r****n, wait about an hour and realize it doesn’t work in this env anyway just because it’s like the 2nd google result for ****** privesc