Nice enjoyable box. it should just be all enumeration and reading documentation.
I hacked something that worked enough for me to get root, but I’m sure there’s a more elegant way, but my way worked enough
Nice enjoyable box. it should just be all enumeration and reading documentation.
I hacked something that worked enough for me to get root, but I’m sure there’s a more elegant way, but my way worked enough
I ned help to privesc please
Type your comment> @Aquilino said:
I ned help to privesc please
rooted thanks @busshi for help me
We are connected!
id;hostname
uid=0(root) gid=0(root) groups=0(root)
knife
hours trying to privesc, i need help please :neutral:
I’m having slight trouble with getting root. I have identified the vector. I think my syntax is incorrect potentially. I’m using the e**c command is that right? Can someone give me a nudge please
Yeah, I’d love a nudge on priv esc. if someone doesn’t mind. I’ve been trying a lot of commands and variations of commands to abuse the utility. Not sure if I’m 100 ft. or one inch away.
FWIW, initial foothold was kind of “fun.”
Type your comment> @kurogai said:
Need help with root part, i think i missed something, but need help
check what the user can do and read the help option> @maru37 said:
Yeah, I’d love a nudge on priv esc. if someone doesn’t mind. I’ve been trying a lot of commands and variations of commands to abuse the utility. Not sure if I’m 100 ft. or one inch away.
FWIW, initial foothold was kind of “fun.”
you can read the documentation online for more detail and then just use it to execute payload
first time doing it on the release arena and manage to get the user flag and working on root…everything is there for the foothold and user flag. just need some Google-fu here and there
User done…
I’m struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use
I just cannot connect to the machine, I tried different VPNs but still no luck. The machine is always unreachable. Is the machine only for VIP members??
Type your comment> @zvfhxxxxz said:
User done…
I’m struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use
Never mind. I was a fool and didn’t add the flag after the ***** ***c command
Foothold and user : Well, guys are wright ! Don’t look for any webapp but a daemon. There’s a recent vulnerability on it. I’m shocked ! :neutral:
Root : well. I see a knife thing. Is it this ? … thank you guys for leaving hack tricks on server. So the answer was just in front of my eyes but I missed the chance to search a bit by myself .
Thanks to @zvfhxxxxz and @elveskevtar for the nudges.
Anyone ever have trouble submitting a root.txt flag and getting “incorrect flag”?
EDIT: It appears the flags change when the box is moved from the release arena to the active machines section. Re-rooted and got a different flag which was accepted.
Rooted.
If anyone has a question i would be happy to help you out!
User: Look for version number on what the website is running would be my main pointer
Root: don’t look to far you will only need to enumerate 1 command and do some googling (maybe you will see it without google) and than it 1 simple command and you are root!
Was struggling with foothold more than needed going down rabbit holes. Phew. Once fh identified user and root took literally seconds.
Got foothold immediately but can’t seem to figure it out how to exploit the tool. could use some help
rooted it without any help.