Official Atom Discussion

I also seem to be unable to make a proper “.y**” file for the update - or doing something else wrong. Have tried putting my load together with it but also having it remotely grabbed. Any hints welcome.

//Never mind, apparently flipping random stuff fixes things.

Rooted. Other than some inconsistencies (possibly due to another user on the machine) I don’t understand the low rating. Cool box. PM for hints.

For the foothold, I have tried so many variations for the .y* file but my POC payload doesn’t trigger. Tried uploading with the binary also and renaming the binary etc but nothing. Uploading the binary also out so I am guessing it just needs the special file and everything else is running on the host. A nudge would be gratefully received - have spent far too may hours staring a certain article!

I’m on the same as todd112 could appreciate a nudge here.

Edit: got foothold and user flag, thanks to @JackzWild for reviewing my .y** file.
Edit2: got root pretty easily

Type your comment> @todd112 said:

For the foothold, I have tried so many variations for the .y* file but my POC payload doesn’t trigger. Tried uploading with the binary also and renaming the binary etc but nothing. Uploading the binary also out so I am guessing it just needs the special file and everything else is running on the host. A nudge would be gratefully received - have spent far too may hours staring a certain article!

So, one thing to check that caused me to stumble around for a while is the format of the .y** file… if you are editing in something like gedit, MAKE SURE your not allowing the lines to wordwrap. I am fairly certain that the file is read with expectations of parameters to be on specific lines. Hope this helps!

@JackzWild - thanks for the tips re the y** file. I excluded some stuff and now mine works. Real process of trial and error. Appreciate the help! For anyone who has found what they think is the right article, try to get a POC where you can confirm the target is doing something that you want. @nekothedj - thanks also - I think you are right as mine worked when I excluded some additional stuff. The file has only a few lines now. Word wrap wasn’t an issue for me but I think additional info in the earlier lines seemed t be causing a problem.

Pppfff someone is continuously pushing the y** file to all dirs.
The rest of us have to wait for him to finish.
Pm me if you’re the one :neutral:

might be something wrong today with the machine?
For the privesc I see two options both using the same exploit (one requires modifying):

  1. exploit against that .p* file
  2. modify the exploit against a hash that should appear when connecting to r**** through r****-c** and using “k*** *”

None of this is working for me… the .p* file locks locked?

uff finally rootet that beast, one of the “hardest” medium so far for me, not because of “abstract” technology, more because i need much time for try and error, spent more time at user. But also root take me some time. both were new topis for me and i have learned from this machine.

PS: there are at least two ways to root.

if anyone need help, just pm me know.

Type your comment> @gullon said:

might be something wrong today with the machine?
For the privesc I see two options both using the same exploit (one requires modifying):

  1. exploit against that .p* file
  2. modify the exploit against a hash that should appear when connecting to r**** through r****-c** and using “k*** *”

None of this is working for me… the .p* file locks locked?

It’s the option 2.

@todd112 I am glad you got it all to work :smiley:

Sorry but i’m unable to catch the admin encrypted password with r***-cli. Any help please ?

What is foothold?
r****, s**, or anything else?

Hi guys, Im not sure If I’m at right path to get normal user (is it based on the y… file ?). Pls PM me if you have time.

Type your comment> @dylvie said:

Sorry but i’m unable to catch the admin encrypted password with r***-cli. Any help please ?

Can someone please PM me with a nudge on the foothold for this machine? Thanks in advance.

I’ve read a pdf, I’ve read a web page, see the exploit but can’t put the pieces together to create the right .**l file. :frowning:

Shooted. :stuck_out_tongue: Dm for any help. :slight_smile:

I am completely stuck. I have created my l*****.y** file, uploaded it where it needs to go, I can see the server request my exe, and then nothing. Tried a million different shells and modification to my .y** file. Any nudges? Feel free to PM.

Type your comment> @s00ner said:

I am completely stuck. I have created my l*****.y** file, uploaded it where it needs to go, I can see the server request my exe, and then nothing. Tried a million different shells and modification to my .y** file. Any nudges? Feel free to PM.

try to use m********r payload created with msfvenom

try to use m********r payload created with msfvenom

That’s what I’ve been trying (among other payloads) with no luck so far.

*edit: I figured it out. I was missing a flag in msfvenom the whole time.