Official Knife Discussion

Nice enjoyable box. it should just be all enumeration and reading documentation.

I hacked something that worked enough for me to get root, but I’m sure there’s a more elegant way, but my way worked enough

I ned help to privesc please

Type your comment> @Aquilino said:

I ned help to privesc please

rooted thanks @busshi for help me

We are connected!
id;hostname
uid=0(root) gid=0(root) groups=0(root)
knife

hours trying to privesc, i need help please :neutral:

I’m having slight trouble with getting root. I have identified the vector. I think my syntax is incorrect potentially. I’m using the e**c command is that right? Can someone give me a nudge please

Yeah, I’d love a nudge on priv esc. if someone doesn’t mind. I’ve been trying a lot of commands and variations of commands to abuse the utility. Not sure if I’m 100 ft. or one inch away.

FWIW, initial foothold was kind of “fun.”

Type your comment> @kurogai said:

Need help with root part, i think i missed something, but need help

check what the user can do and read the help option> @maru37 said:

Yeah, I’d love a nudge on priv esc. if someone doesn’t mind. I’ve been trying a lot of commands and variations of commands to abuse the utility. Not sure if I’m 100 ft. or one inch away.

FWIW, initial foothold was kind of “fun.”

you can read the documentation online for more detail and then just use it to execute payload

Done. Nice box - path was straightforward but involved trying some new things. Thanks @MrKN16H !

first time doing it on the release arena and manage to get the user flag and working on root…everything is there for the foothold and user flag. just need some Google-fu here and there

User done…

I’m struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use

I just cannot connect to the machine, I tried different VPNs but still no luck. The machine is always unreachable. Is the machine only for VIP members??

Type your comment> @zvfhxxxxz said:

User done…

I’m struggling with root. I think in the right place just struggling to understand the usage/syntax needed with the k**** command. Can anyone nudge any pointers or docs which are useful pls? I assume one of the commands in the help list is what I need to use

Never mind. I was a fool and didn’t add the flag after the ***** ***c command :slight_smile:

Foothold and user : Well, guys are wright ! Don’t look for any webapp but a daemon. There’s a recent vulnerability on it. I’m shocked ! :neutral:

Root : well. I see a knife thing. Is it this ? … thank you guys for leaving hack tricks on server. So the answer was just in front of my eyes but I missed the chance to search a bit by myself :smiley: .

Thanks to @zvfhxxxxz and @elveskevtar for the nudges.

Anyone ever have trouble submitting a root.txt flag and getting “incorrect flag”?

EDIT: It appears the flags change when the box is moved from the release arena to the active machines section. Re-rooted and got a different flag which was accepted.

Rooted.

If anyone has a question i would be happy to help you out!

User: Look for version number on what the website is running would be my main pointer

Root: don’t look to far you will only need to enumerate 1 command and do some googling (maybe you will see it without google) and than it 1 simple command and you are root!

Was struggling with foothold more than needed going down rabbit holes. Phew. Once fh identified user and root took literally seconds.

Got foothold immediately but can’t seem to figure it out how to exploit the tool. could use some help

rooted it without any help.

Type your comment> @Lalith71 said:

Wow found nothing with 40 mins of enum any nudges you guys?

Nope

Hello

Starting the box...