Official Ready Discussion

@TazWake I send you a Dm, it is a better way indeed.

Fun box, nothing too complicated, yet I spent way too much time on root forgetting about basic rules about what users do with their passwords…
That box made me a pro hacker, that’s a milestone !
Good luck to everyone, I don’t have much to help you, everything important has been said already !

Got user; got root (thank you @TazWake and @Shad0wQu35t). Could someone PM me and explain why it was necessary to m***** //*? Please remove if that is too much info but once I had root the way I got to root.txt is not clear to me (I know then how did I get it? - Google!). But still not clear on how Gitlab (or something else?) interacts with the “f— s-----”.

Fun box. I was stuck longer than I want to admit on trying whatever I could find to get root2. Thanks @unknown101 for the public hint, which is to do it by hand, with a simple trick.

Rooted, if anyone needs a nudge in the right direction, feel free to DM me.

just reset this box but there is no flag under /root … am i missing something?

@AusFrog said:

just reset this box but there is no flag under /root … am i missing something?

Then you probably aren’t done, yet. The princess is in another castle, Mario AusFrog .

Type your comment> @HomeSen said:

@AusFrog said:

just reset this box but there is no flag under /root … am i missing something?

Then you probably aren’t done, yet. The princess is in another castle, Mario AusFrog .

Thanks for the nudge/mario reference, exactly what i needed.

Hello guys, i have tried nmap and browser…but i’m not getting anything. Can anyone help me where should i start with?

@yyugam said:

Hello guys, i have tried nmap and browser…but i’m not getting anything. Can anyone help me where should i start with?

Nmap should tell you what ports are open and one should allow a browser connection.

If you aren’t getting anything, you might want to check you are connected to the VPN.

Finally rooted the box. The best thing I learnt in this box probably how to turning dumb shell into fully interactive tty haha, before doing that I always overlooked long text files because I couldn’t read all of them…

Thanks for the nudge @TazWake

I liked this box. Easy but good one. Getting root was not so easy for me BTW. Feel free to dm me for nudge. Have Fun.

Rooted, this machine is even easier than some “easy” machine

just got root!

in hindsight if it is not the first time you deal with g* and d*, it’s a very typical thus commented as easy machine
well i just went blank and started autodrive mode poking at stuff, should have been more planed, as it is not THAT different from a web noob box (which is pretty much all i’ve been dealing with), i guess repo and source code panicked me lol

not at a postion giving nudge for this box, as i have no idea how to point out the road without saying the filenames >_>

Finally rooted with all the hints provided above and did some Googling for the root part. But, I am still feeling blur on how the root part works. Can someone DM me the explanation for the root part please?

Type your comment> @Cyberzombi3 said:

Hey Guys, could I ask for a nudge oon upgrading the initial shell, having real troubles with it, i’m starting to think that its due to me using ZSH in Kali2020.4 as when backgrounding a task and foregrounding it everything seems to go to s***

I have found that if you add the fg to end of “stty raw -echo; fg” it works fine.

Spoiler Removed

Rooted! quite a challenge for me this time.

Initial Foothold: This was the easy part. There are plenty of resources out there if you know what to look for.
User: Be really really carefull when checking the files. There is something interesting and you might pass it. Read every line.
Root: You need to escape from where you are. Luckily tha machine contians more privileges than needed.

Hope this helps.

User: Ez.
Root: Quite hard. After you gain root, try to think inside of what are you right now. And how to escape it.

Hint: When you obtain root.txt, don’t forget to:
rm -rf /mnt/*

Got Foothold but struggling with privesc a lot. I found some interesting files but don’t know what to do with them. If anyone can give me a nudge it would be appreciated.