Do someone built the privilege escalation exploit from scratch following GTFObins on a Kali machine? Can I have a help?
I exploited the box some time ago with a “vanilla” process from GTFObins but now the same process does not work anymore -.-
There was a suggestion earlier in this thread to build it in an Ubuntu VM as opposed to trying to get it to work with Kali.
This was a great box! Solid, real-life-scenario steps from foothold to user to root.
Do someone built the privilege escalation exploit from scratch following GTFObins on a Kali machine? Can I have a help?
I exploited the box some time ago with a “vanilla” process from GTFObins but now the same process does not work anymore -.-
There was a suggestion earlier in this thread to build it in an Ubuntu VM as opposed to trying to get it to work with Kali.
This was a great box! Solid, real-life-scenario steps from foothold to user to root.
Yeah I read it but I do not get why this time it did not work to me, while the first time did… probably a Kali update?
@letourneaualex said:
I thought I saw a way to root the box on GTFObins using fpm to simplify the crafting process but I get an error "error: cannot perform the following tasks:…’ , should it work or I really have craft the whole thing from scratch?
Once I installed fpm on kali, it worked for me following the instructions as described.
Root: Try not to focus on exploitation as much as leveraging existing privileges granted to the user. GTFO and live off the land! Works for building on kali, no special environment required.
Hi, I have managed to get a foothold on the system and using some internal knowledge I know where I need to go next. I have the username but for the life of me I cannot find the password. Could anyone give me some pointers?
Root: Try not to focus on exploitation as much as leveraging existing privileges granted to the user. GTFO and live off the land! Works for building on kali, no special environment required.
Thanks a lot for this nudge… this should be pinned all the way to the first page… all other info are like smoke bombs everywhere… but gtfo site + “correct attack path” = root.
Could someone DM me a nudge? have basic shell with a****. found default m**** creds but they are not working. Want to run what I am doing past someone who has rooted to see if i am on correct track or not.
Stuck in shell as a*****, found some m**** creds and db, however unable to connect from shell to dig further. I know what I want to do after, but just not able to connect to the service I want. Do I need to try harder or am I missing something?
First box here. Sorry if I’m not cryptic enough and this would be a spoiler, if so please report and take my comment off air :).
Every time I run a code to try and work towards root it tells me that there is a syntax error. Not sure what the problem is when I copied it correctly. Anyone able to help me out?
Every time I run a code to try and work towards root it tells me that there is a syntax error. Not sure what the problem is when I copied it correctly. Anyone able to help me out?
depressed. I’m pretty sure I have the same problem as you…
> @ryan0n said: > Got user, working on root. Root seems fairly straight forward, will just require research and prep in a piece of software I haven’t ever had to learn about. > > If you are staging/debugging your s***, and are in a kali/etc vm, you’ll need to enable nested kvm features for your vm. For instance in Virtualbox, you’ll go to the VM’s settings -> System -> Processor -> and tick the box for “enable nested vt-x/amd-v”. > > EDIT: rooted I don’t have any boxes in my processor settings. Supposedly windows 10 doesn’t allow nested virtualization? Anyone solve this one without s***? https://communities.vmware.com/t5/VMware-Workstation-Pro/Nested-virtualization-on-Workstation-14-PRO-on-AMD-Ryzen/m-p/475023#M24618