After 3 days of struggling @0F0Bh and I finally managed to root this one.
Hats off to the creators!
Thanks to @MariaB for some sanity checks along the way :smile:
User: Don't let that WAF scare you too much.
Way to root: What are other people do…
Can somebody give me a nudge on where I can upload the initial shell?
I have bypassed the first roadblock, exploited a common vulnerability the easy way using s**m*p and can read files from the system.
Wherever I try to write a file however, I get…
Rooted :smile:
Really liked the attack vectors for both user and root, definitely learned something here.
Little critique: I always had other people getting in my way, because everybody is trying to exploit exactly the same thing. I do understand…
@v0yager said:
(Quote)
I was facing the exact same problem.
Without spoiling: Don't trust your eyes on this one, take another look at the encrypted file in vim.
Feel free to PM me if you need another nudge
Rooted!
I really enjoyed this one, hats off to the machine maker.
There are multiple ways to grant yourself access, I found myself connecting through a GUI quite a bit :-)
Anybody that could give me a nudge on PrivEsc from the user to root? I already found something that runs every now and then, but I can't figure out how to abuse it. I think it might be a r*** c******** with t** and d*** , but I'm kinda lost here.