Got RCE but stuck on Privesc
Rooted.
Pretty easy machine in comparison to other medium boxes.
P.M. for a nudge
stuck on privesc to root, can I get a nudge please i tried everything i could think off
Just got foothold, love it!
Nice box, I was a bit off on the beginning because my “exploit” didn’t work but after a while it started so I don’t really know why. Anyway rooted
Finally rooted this one. Nice box @mostwanted002!
Foothold was definitely the funniest part for me.
For user: enumerate enumerate enumerate, and beware the rabbit holes. There’s a pretty huge one I fell into and took me a lot of time, but I learned new stuff in the process, so I guess I don’t regret going down to it ¯\(ツ)/¯
Root is maybe the easiest part: consider what you can do, maybe take a look at rate matrix for hints on what you should enumerate.
PM me for hints, but make sure to include proof that you have done your homeworks
Thank you, everyone! Your feedback means a lot. I’ll be trying to make more submissions ahead.
id
uid=0(root) gid=0(root) groups=0(root)
root@thenotebook:/#
What a journey,learned new things,overall nice box
Got user ¯_(ツ)_/¯ but struggle with root part so far. ? for a nudge how to use that ock* command i could run under root rights.
Rooted nice machine thanks to machine creator
Don’t really get it hahah. Am I supposed to hit the so**** on loho via the j* co****? Cause I tried pretty much everything else rofl I don’t get it ahha
Anyone got a nudge on root? cant seem to get the root shell to kick
Nevermind i got it
In the mean time I installed the node app that nmap reported for the highest port (probably not correct) haha it took forever cause all deps where broken but then it worked and I made a websocket connection on my box but guess what lol didn’t work on the notebook. ■■■■ going to bed probably fooled by a funny box great job! love it.
Hi
Can’t seem to understand the way to foothold. I used gobuster multiple times, didn’t find anything useful. Analyzed all the requests, not found anything. Searched for vulns for the nginx version, did not find anything useful. Cannot find any creds of any admin account. Not much functionalities available after signup. Now I’m definitely missing something.
Also I don’t have any idea about the rxi on port 1*0, might be the correct path. Can anyone point me to the right direction.
Thanks
root@thenotebook:/root# id
id
uid=0(root) gid=0(root) groups=0(root)
Great machine, thank you for the help and for making this one!
@mostwanted002
Spoiler Removed
Finally I got it working
root
thenotebook
uid=0(root) gid=0(root) groups=0(root)
¯_(ツ)_/¯