Stratosphere

OK, I think the maker of the Stratosphere box is a sadist. root was not as easy as I originally imagined. Very clever challenge!

Got user, and now fighting with the last (.py) question … ■■■!

Solved the last question, but … success not found… hummmm

hummmm I think this “hash game” is some kind of rabbit hole, and there’s no “success” this way. mode lateral thinking on again!

■■■!!! Finally I owned the BOX!!!1 What a nightmare!!! Instead of Stratosphere, this box should have Rabbit as hostname :smiley: Thanks and contratulations for the author!!

TIP - If you are still struggling to get the initial foothold, remember this life-lesson:
Always choose your words carefully. Sometimes when dealing with people it’s not just what you say, but how you say it. So be sensitive to what goes on around you.

For those who are having trouble with the the initial foothold. It is in fact the word list you should be worried about. Do not have the classic mistake of always using the lowercase wordlist!!!

Hi All, I have the rce, i’m enumerating all directories, I’m using the find command. I found /etc/ssh not sure if this is the route to get on the box or we don’t need a shell for this challenge, A nudge will be deeply appreciated. please pm if possible

hey i’ve been working on this box for a long time, got RCE, /etc/ssh and a couple of users, need a hint pls

@lala64 said:
hey i’ve been working on this box for a long time, got RCE, /etc/ssh and a couple of users, need a hint pls

I’m on same boat, can anyone PM please?

@Neol said:

@lala64 said:
hey i’ve been working on this box for a long time, got RCE, /etc/ssh and a couple of users, need a hint pls

I’m on same boat, can anyone PM please?

well i hope the boat is big enough for me…

last question takes a bit I guess yawn

Got root! Wow that was a fun box, defintely learned a lot
Thanks @linted for that creation, and thanks @Kinjo for making me think laterally xD

Whoah… wasted a lot of time by not paying attention on small details that made me believe that my initial steps were wrong and jumped from one hole into the other. But a gentle tip that made me check my initial entry again got me the info I required to get better access and get to root.
For those who keep trying shells, I haven’t used any shell nor something as metasploit. Just a f#ckload of trial&error and understanding the feedback and info on the system got me user&root.

can someone help me with inital foothold?

Don’t worry about getting a shell. I wasted a bunch of time on it as someone on the forums mentioned it was possible (but that’s what I get for not figuring it out myself). But once you get RCE, it’s just simple enumeration. If you find something interesting, and you think the interesting things doesn’t work, maybe you’re not using them in the right spot.

Also, if you have an exploit for RCE, it’s trival to add while loop and turn it into a fake shell/interface. I did this and also wrote output to file to make things easier.

Supposedly there is a way to get a shell. If someone did end up getting one, I’d be very interested in a PM to see how you did it ( and it it was worth it).

Wow, so that was the quickest privesc I’ve ever got. Can someone PM how they got root as I’m curious if there is a way to do it that is not insanely easy?

I’m a bit stumped on this one, got the 3 pairs of creds (a week ago) but can’t figure out where to use them… Would appreciate a nudge in a PM. Thanks!

Hello everyone, I found RICE and 3 credential. But I can not use these information in anywhere. Whats my mistake or overlook?

@aora said:
Hello everyone, I found RICE and 3 credential. But I can not use these information in anywhere. Whats my mistake or overlook?

In general, credentials allow one to authenticate to services…