Official TheNotebook Discussion

Type your comment> @TazWake said:

@lumen said:

I’m stuck on root. I feel like I’m at my wits end. Can anyone PM me a hint? I feel like I’m overlooking something.

There is a public exploit. It probably needs two sessions running to make it work.

Yeah, I’ve tried using the Frieen CE and bu**din the g* sct after making changes. I’m just having issues with it actually wanting to work inse the co*nr. Doesn’t run just throws an error.

./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

@lumen said:

./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

Double check how it is being compiled. I don’t know for sure but this looks like it is expecting a library on the target which doesn’t exist.

When you run the build, do you get any messages or output?

Type your comment> @TazWake said:

@lumen said:

./main: error while loading shared libraries: libgo.so.16: cannot open shared object file: No such file or directory

Double check how it is being compiled. I don’t know for sure but this looks like it is expecting a library on the target which doesn’t exist.

When you run the build, do you get any messages or output?

I don’t get any messages from building, it just creates the file.

@lumen said:

I don’t get any messages from building, it just creates the file.

Ok, that implies it worked which makes the error seem kind of strange.

Are you definitely inside the c*******r when you run it?

Type your comment> @TazWake said:

@lumen said:

I don’t get any messages from building, it just creates the file.

Ok, that implies it worked which makes the error seem kind of strange.

Are you definitely inside the c*******r when you run it?

Yeah and I have rt inside of it. I use the so command with no asterisk and tack on /b**/***h

@lumen said:

Yeah and I have rt inside of it. I use the so command with no asterisk and tack on /b**/***h

Ok - this might get complex to avoid spoilers. Double check the commands you are using to spawn the two c******r instances.

Type your comment> @TazWake said:

@lumen said:

Yeah and I have rt inside of it. I use the so command with no asterisk and tack on /b**/***h

Ok - this might get complex to avoid spoilers. Double check the commands you are using to spawn the two c******r instances.

Not sure what changed from last night, but reran it all and it just worked. shrug. Thanks!

@lumen said:

Not sure what changed from last night, but reran it all and it just worked. shrug. Thanks!

At least it works now :smile:

Lots of fun, I learnt some new techniques for foothold and root. Thanks to the creator! PM for nudges

For root: I am not getting the last shell, i’m using two sessions and think the PL is correct… anyone having similar issues?

EDIT: Rooted. Oh wow. I spent a day not being fast enough :slight_smile:

Really cool box!

initially I was going the right way, but didn’t know this kinda modification was even possible but hey learned smth new!

Lateral Movement + Root was really straight forward and rather easy then medium.

Thanks to the creater!

Rooted! Nice box.
Ask me for hints while it’s still fresh in my memory… I should take more notes :wink:

Rooted !

Initial Foothold : after all of your basic enumeration & stuff, you will be left with one thing to try out. think about all exploitable component in the web application. specially web applications !

User : it is all about hard enumeration to find what you need !

Root : if you find the exploit you can get root ! this is very interesting exploit and informative !

Thanks @mostwanted002 for this machine !

I could use a sanity check for root. I believe I’ve got the right exploit, I believe I’m executing it properly, but no matter my payload I don’t seem to get any sort of execution at all. Everything else looks right.

@wizliz said:

I could use a sanity check for root. I believe I’ve got the right exploit, I believe I’m executing it properly, but no matter my payload I don’t seem to get any sort of execution at all. Everything else looks right.

So it clearly depends on the exploit you are using.

If you are using the same one as I did, you need two sessions, one to run the command, grab the exploit and run the exploit.

The second to run the command.

Type your comment> @TazWake said:

@wizliz said:

I could use a sanity check for root. I believe I’ve got the right exploit, I believe I’m executing it properly, but no matter my payload I don’t seem to get any sort of execution at all. Everything else looks right.

So it clearly depends on the exploit you are using.

If you are using the same one as I did, you need two sessions, one to run the command, grab the exploit and run the exploit.

The second to run the command.

Hrm, this is exactly what I’m doing. Even get the “No help topic” message as the demo shows. It just doesn’t appear that anything else ever actually happens.

I’ll have to go poke around some more.

I don’t know what I mucked up where, but I blew everything away and started fresh and it worked first try :shrug:

Rooted, fun box as there were new things to learn. The exploits were not too complicated to understand and execute, which made the box much more fun.

Foothold: Tell the browser that you are the boss
User: Look into the past
Root: impersonate him

PM if you need help

■■■■■■■■ it! Finally rooted, so annoying… typos were made, hurtful things were said.
I will learn to tripple check my sh*t

Somehow I managed to get the S** key for user. But if I try to login I always get a “Connection closed” message. Tho I think it is the right way, am I missing something?