in hindsight if it is not the first time you deal with g* and d*, it’s a very typical thus commented as easy machine
well i just went blank and started autodrive mode poking at stuff, should have been more planed, as it is not THAT different from a web noob box (which is pretty much all i’ve been dealing with), i guess repo and source code panicked me lol
not at a postion giving nudge for this box, as i have no idea how to point out the road without saying the filenames >_>
Finally rooted with all the hints provided above and did some Googling for the root part. But, I am still feeling blur on how the root part works. Can someone DM me the explanation for the root part please?
Hey Guys, could I ask for a nudge oon upgrading the initial shell, having real troubles with it, i’m starting to think that its due to me using ZSH in Kali2020.4 as when backgrounding a task and foregrounding it everything seems to go to s***
I have found that if you add the fg to end of “stty raw -echo; fg” it works fine.
Initial Foothold: This was the easy part. There are plenty of resources out there if you know what to look for.
User: Be really really carefull when checking the files. There is something interesting and you might pass it. Read every line.
Root: You need to escape from where you are. Luckily tha machine contians more privileges than needed.
Got Foothold but struggling with privesc a lot. I found some interesting files but don’t know what to do with them. If anyone can give me a nudge it would be appreciated.
Got Foothold but struggling with privesc a lot. I found some interesting files but don’t know what to do with them. If anyone can give me a nudge it would be appreciated.
Look in something that doesn’t normally exist on a Linux system. Read the files in there. Find the loot you need. Use it to escalate your privs. Escape the box you are in.
After you discover that high port, go check it out and enumerate. With a well known tool we always use on Kali, you can find juicy exploits : Warning → they are incomplete, try to figure out what is missed, or if you are not a dev or don’t know Python so much( advice, you must learn it) find the fixed exploit using Google.
Shell Improvement
If you got a shell, it will be basic and unstable.
Lot of people askin’, i usually do :
python3 -c ‘import pty;pty.spawn(“/bin/bash”)’
export TERM=xterm
Ctrl + Z
stty raw -echo; fg
User
Get that flag, is in front of you
Root
As other said, use Linpeas if you want, btw there is a folder you have to enumerate, there are files inside and one of them has juicy infos.
Root Flag
If you know where you are, you know what to search for on Google. Hacktricks will definitely help you.
Nice box, i had fun indeed so thank to its creator!
Hope it helps feel free to DM me if you are stucked
I have to say thanks to @Kiwito and @TazWake : You gave me the hints to solve the situation.
I don’t have to much to add about what @GamesDean said in the post before me… just for the foothold: remember to check one of the first things u should look in a software when you do a PT.
nice and easy box. I think this is a good beginner machine. user did go down very quickly so I got myself cocky and karma slapped me in the face for that.
so for root1 lesson learned: if the witch cant find the snake, dont assume it is not there, it is just hiding under the rails. snake can help you getting a proper shell. once you find the juicy info use it. root2: google on how to get out of the cage; this is well known method.
Best
was a good one even if d***** is totally new for me.
The user part was just more simple as expected in view of the rating. But I did another GL device last week with nearly the same foothold.
One hint in this thread helped me out to escape.
Thx for that nice experience. Learned a lot.
Foothold: Found a helpful snake, but it was a bit moody. It worked once I hard-coded some things. You can grab the user flag with the foothold.
Upgrading shells is a useful skill to have.
Local: I wasted so much time on this. There is just so much to sieve through and things that look useful, but are actually useless. I recommend liberal enum withfind and grep. In the end the solution is easier than you probably thought.
Root: This is easy, just google and follow basic tutorials
Can anyone help me figure out how to escape? i’m assuming i need to use a certain password to su but i’m really struggling to get a tty. this isn’t something i’ve done before so i might be missing something obvious but all the techniques i’ve come across aren’t installed on the box. Can anyone give me an idea about what i should be looking into?
Any files in your user might help you… To privesc… After getting shell… Files like config files…