Last Active


  • For anyone struggling with the reset, take a look at autoexpect. Makes it a breeze :wink:
  • Rooted :mrgreen: This box is a good reminder to think about what you're actually trying to enumerate and select your resources accordingly instead of using the same old lists. The exploit was an intersting one and the priv esc to root was fa…
    in Admirer Comment by v0yager June 2020
  • Rooted. Decent box, got lost in a rabbit hole after initial foothold for a bit. For the initial foothold you don't even need a script, I just used Burp with a macro. Learnt a nice easy priv esc from this one. Thanks @egotisticalSW [email protected]:/r…
  • # rooted :mrgreen: Decent machine with a nice priv esc. Thanks! @TRX
    in Magic Comment by v0yager April 2020
  • What a great box :mrgreen: It took me an embarrassingly long time to find the initial cred. The path to root was a learning experience for a noob in that language. The box had a nice priv esc to root as well! Overall one of my favourite b…
    in Cascade Comment by v0yager April 2020
  • Nice machine :mrgreen: Rooted without tv, will go back and give that a go now. thanks @mrb3n pm for a hint if you're really stuck.
    in Remote Comment by v0yager April 2020
  • Rooted :mrgreen: C:\Users\Administrator>whoamiwhoamint authority\systemC:\Users\Administrator>hostnamehostnameServMon Fun easy box, Read the exploit you will find online for an idea on how it is exploited, then read the docs. I did manage t…
    in ServMon Comment by v0yager April 2020
  • Thanks @Xh4H, nice cruisy box :mrgreen: Personally I had some minor annoyances with user2, but the actual escalation was cool! Root was easy once you see it. I didn't do any 'appending' to get a root shell. There isn't a need to really, you can ju…
    in Traceback Comment by v0yager April 2020
  • Awesome box, thanks @thek! Learned about a few new tools, scripts and services :mrgreen: Rooted with shell.
  • Look at me, I'm the Administrator now :sunglasses: This was one of my favourite boxes so far! All the hints are here already, but I will say that it pays sometimes just to do things manually. Spent way too much time on root debugging errors …
    in Forest Comment by v0yager February 2020
  • @Xtronum I'm stuck at the same point, I've added a new user and the appropriate groups but I can't allocate DCs rights. I'm not sure if it's a bug, because I'm pretty sure my syntax is correct. I'm trying to add rights with Pow**V***.
    in Forest Comment by v0yager February 2020
  • I have the key (pretty sure it's a********v), but when I use the key to decrypt p***************.txt I get an incomplete output. It looks like a pass but the last 4 chars are munted. I'm running the script server side so there should be no issue wit…
  • Thanks @VbScrub, I hated it... But I learned a lot :mrgreen: PS. I suck at VB.
    in Nest Comment by v0yager February 2020
  • Nice fun box :mrgreen: I stuffed around for a couple of hours with the initial priv esc, just poor enum on my part. If you're experiencing 'internal' frustration :wink: I suggest going back to the basics of retrieving web content from the cmd line …
  • That was a fun box! I learned a lot gaining user, and the scripting part was great. Thanks @MrR3boot. Hints: for user, use Burp and Wireshark to check requests and responses when scripting and make sure your request headers etc are correct. If the …
    in Mango Comment by v0yager November 2019
  • Rooted :mrgreen: Went down a rabbit hole so the Initial shell was easier for me than root. HInt for root: make sure you check version info during enumeration.
    in Wall Comment by v0yager September 2019
  • I modified the script and have the login creds, but am struggling with the payload for the next stage. Could someone please dm me a hint? Edit: nevermind figured it out. Have www-data :mrgreen:
    in Wall Comment by v0yager September 2019
  • Nice challenge :mrgreen: The last bit was a pain in the arse!
  • Good Challenge :mrgreen: Thanks to the creator! PM if you're stuck
  • I have the k.d* file, but I'm stumped as to what to do next. I cant see a way to decrypt it with the info I have. I can't see any info that stands out from the processes either. Is there a tool or ps cmd like pspy but for windows? Also there is no l…
    in Heist Comment by v0yager September 2019
  • Solved :smile: As the others have sed the initial foothold is straightforward. Besides that dcode.fr is great!
  • Long sleeves and hoodies for sure (no zip). Maybe a mankini also?
  • GPG symmetrically encrypted data (AES cipher) I don't know how to proceed now? I've tried recovering the pass with john but no luck. Any hints?? Thanks!! EDIT: Forgot to remember the simple things. Thanks phneutro for the hint! SOLVED!
  • Type your comment> @ShivamShrirao said: (Quote) Thanks mate, Great articles, reading through them now. Gave you a +1 :+1:
    in Safe Comment by v0yager July 2019
  • Does any one know of a decent tutorial for the R** side of things? I've done BoF before but only 32bit and no R**. Need a decent tutorial/resource to get up to speed :)
    in Safe Comment by v0yager July 2019
  • Would appreciate a hint on the syntax for the final step to root :smile: Edit: Got Rooooooot :wink:
    in Haystack Comment by v0yager July 2019
  • If anyone needs a nudge with user feel free to send a pm :smile:
    in Haystack Comment by v0yager July 2019
  • > Can someone help me a bit? > I got the shell as p*****r via s*****r but no wan't echo any output. > If i type ls, it just shows ls but not the folders. > But I still can use cd, i just have no output for the commands. > May…
    in Jarvis Comment by v0yager July 2019
  • I'm in the P** shell through the backdoor and have dumped the info needed. I can check if files are writable, read files (within limits) and edit writable files and I've found an interesting i*i file for later. Would appreciate a nudge with the …

Howdy, Stranger!

Click here to create an account.