Dev0ops hints

Bit of a n00b here, if you all mention basic enumeration, what do you mean? Just the usual nmap for open ports? Maybe a specific option on that scan? Or more?

@jAnO76 said:
Bit of a n00b here, if you all mention basic enumeration, what do you mean? Just the usual nmap for open ports? Maybe a specific option on that scan? Or more?
basic enumeration contains more stuff.
directory enumeration, what you find in source code of webpages (if they exist) etc.
it depends of what is implemented in the machine you are looking into

I have found two ports with nmap, but how the web server helps? I canā€™t find anything with dirbuster :confused:

@trodix said:
I have found two ports with nmap, but how the web server helps? I canā€™t find anything with dirbuster :confused:

use another tool. like dirb or gobuster maybe

Or juste another list @trodix ā€¦ :slight_smile:

pretty much any tool and any web site discovery list should be as good as it gets :slight_smile:

@lokori great box learned some things that wasnā€™t even actually related to getting root but still useful.

Redacted.

Spoiler Removed - Arrexel

pretty easy box, I enjoyed it tho

Spoiler Removed - Arrexel

@Snoe said:

@Didakt said:
Rooted !
Very cool box, thanks to the creator :slight_smile:

And the first hint some one gave for priv esc was just perfect :

ā€œFar far ago, there was a man that could view back into the past, and see alternated versions of realities , how did he do that mate?ā€

Think about it !

Thanks for the box

Same. That guy really showed me the way to privesc.

I really read the past and I didnā€™t find anything relevant. Stucked in priv

@n1b1ru said:

@Snoe said:

@Didakt said:
Rooted !
Very cool box, thanks to the creator :slight_smile:

And the first hint some one gave for priv esc was just perfect :

ā€œFar far ago, there was a man that could view back into the past, and see alternated versions of realities , how did he do that mate?ā€

Think about it !

Thanks for the box

Same. That guy really showed me the way to privesc.

I really read the past and I didnā€™t find anything relevant. Stucked in priv

Go farther back

thanks @lokori this is a great box! Love the privesc :slight_smile:

ive learnt a lot from this box via privsec thanks a lot for this box @lokori
any doubts feel free to pm me or hit me up on discord [ Ruthvik#7626 ]

Do privesc is a ā€œprinterā€ thing on this box?

I enjoyed getting this one done. Frustrating to not have the initial entry as easy as I thought but a sanity check by @Frey of my ideaā€™s pointed out my mistake. Keeping it simple was the way. Root was relatively easy if you look at the right stuff, which in a way is hinted at on the box itself as well. Thanks @lokori

I finaly got root ! I was to the right way but I donā€™t handerstand why the ā€œpresentā€ is wrong but the ā€œpastā€ is right. Anyway, it was a good box and I learned a lot. Thankā€™s @lokori

Any hint or direction to get user shell? Is it related to feed?

I have some questions about general ssh key formatting, can someone PM me?