@sparrow1
I had a few problems getting that script to fire as well. Took me like 3 tries . I never had problems with the id_rsa key, however I did lose the connection a few times.
Some idiots continue to change permission on -rw-rw-rw- 1 kid kid 49 Feb 11 23:03 Spoiler Removed
STOP to reset machine every minute please.
who create the ELF file /var/tmp/rs DM me.
This was a fun and super easy box. Was not expecting it like this. But glad I got it!
Finally rooted:kissing_smiling_eyes:
It took a little bit longer than i expected. Thanks @0xdf for the box
Thaks @sicario1337 and @clure for the hints:smile:
Rooted as last Fun Box.
Definitely a different box than the others,spent way too much time for just a simple google search.Feel free to PM for a small hint
I have rooted the box, but can someone tell me why the script runs automatically or what triggers the script to run automatically? Itās not obvious to me which line on the script indicates running by itself. I couldnāt find any cronjobs eithers. Would appreciate a PM.
Iām in as user1, I found the way to exploit laterally but something isnāt working here right. I tried method locally and everything works, but remotely itās not. Can someone explain me how ********. script is triggered?
@011915 said:
Can someone explain me how ********. script is triggered?
In Linux there are lots of ways to set up a service or running task. You, as an attacker, donāt need to trigger it.
if someone has some hits for the foothold I am totally stuck, any help would be appreciated, thanks
I am feeling confident on the inital foothold, but have been persisting for an hour or so now without making use of it.
Is using the **f.*pk along the right lines? I believe I have the correct settings on the web page as well, but the page just gets stuck uploading endlessly.
Any nudge is appreciated.
@CrackerMan said:
Is using the **f.*pk along the right lines?
Yes
I believe I have the correct settings on the web page as well, but the page just gets stuck uploading endlessly.
It wont ever complete because you are exploiting the system not uploading a legitimate file. You should still get a shell.
I have found a way to get a shell, tomorrow I wil try to get the user
Rooted. This was a FUN box.
I was stuck for hours to get the first shell. Thank you @jiggle for the nudge.
The pivot and root parts are easier.
Type your comment> @TazWake said:
@CrackerMan said:
Is using the **f.*pk along the right lines?
Yes
I believe I have the correct settings on the web page as well, but the page just gets stuck uploading endlessly.
It wont ever complete because you are exploiting the system not uploading a legitimate file. You should still get a shell.
Soā¦ ended up changing to my laptop, and that seemed to do the trick. My desktop wouldnt have it, I even tried all firewall and AV settings, and going with Parrot instead of Kali but it wouldnt connect.
Not a clue why but got user, and now working on Root. Thanks for letting me know I was on the right track.
Type your comment> @CrackerMan said:
Type your comment> @TazWake said:
@CrackerMan said:
Is using the **f.*pk along the right lines?
Yes
I believe I have the correct settings on the web page as well, but the page just gets stuck uploading endlessly.
It wont ever complete because you are exploiting the system not uploading a legitimate file. You should still get a shell.
Soā¦ ended up changing to my laptop, and that seemed to do the trick. My desktop wouldnt have it, I even tried all firewall and AV settings, and going with Parrot instead of Kali but it wouldnt connect.
Not a clue why but got user, and now working on Root. Thanks for letting me know I was on the right track.
not sure , file permission maybe ?
Hi everyone, iām trying to browse this machine with firefox, but i canāt connect to it even if i added it to the hosts file, can someone help me?
@0fox said:
Hi everyone, iām trying to browse this machine with firefox, but i canāt connect to it even if i added it to the hosts file, can someone help me?
Ports matter.
whoami && id
stty: āstandard inputā: Inappropriate ioctl for device
[*] exec: whoami && id
root
uid=0(root) gid=0(root) groups=0(root)