@SecThor said:
@0xlc said:
anyone can pm me about priv esc to root, i need a hint… i am hitting my head aganst log******.It is a decoy, let it go…
Btw just got root. Really hate this box. It forced me to learn some stuff I have never heard before.
Big thx for @mcruz and @MrWest3r for the help!
i get it, but i don’t find any suid files to execute as root as well
nvm
Any leads on the thing after log*******?
I know that I probably shouldn’t even ask for advice and do the ■■■■ thing already, but I keep seeing nudges all over the thread and some of them are pretty much kinda contradicting each other.
UPDATE: Look it up on Google. Don’t ignore the thing you don’t know how to use, if there’s such a thing.> @AlwaysLivid said:
Any leads on the thing after log*******?
I know that I probably shouldn’t even ask for advice and do the ■■■■ thing already, but I keep seeing nudges all over the thread and some of them are pretty much kinda contradicting each other.
UPDATE: Look it up on Google. Don’t ignore the thing you don’t know about, because this is pretty much the key to the thing you exactly need. Won’t take more than 5 minutes of research if you know exactly what you’re looking for, trust me.
getting user is very straight forward after you understand the process, took me longer than it should have, anyway now root X___X
rooted… positive rating
Took me hours to root this box. Learned something new today.
I think this should be added to some known linux privilege escalation checker.
I learned what i am capable of. Though, need any educational hints. Stuck here.
edit: got root. For priv esc part. You really need to know what you are capable of.
I just reached root flag. Can anyone pm me about how to get root shell ?
Can anyone PM me to give me a nudge on how to escape the jail? I’ve got the user flag already and enumerated the environment I’m in (n****** user), but I’m not seeing a way to escape.
Could anyone PM me regarding the initial foothold? I am stuck in getting out of “jail”. I’ve tried numerous fuzzers without luck. I’ve also read the article referenced here quite a bit but I am still unable to get it. Any tips would be MUCH appreciated!
This box ate up a good part of my last two days. The initial foothold is simple enough if you know how to use BS. The privesc was a roller-coaster. I have root.txt (hint: check for file capabilities as others have mentioned) but still no shell yet. Crons and log******* seem like dead ends. Spoiler Removed - Arrexel
Not a web cat, so struggling with the initial foothold. Playing with BS and parameters, but not getting much traction. I’ve read the articles mentioned so have a decent understanding of what I’m trying to do. Figuring I am overthinking it. Any tips?
Got root!
You can bypass a little something something by just using a new something something. One of the text editors is MUCH more useful than you think, read the man pages.
You need to look for something that’s actually capable of accessing the target, /DON’T/ waste your time on the decoy, because it’s as forcing a rabbit to ride a bicycle. (I tried to get the poor metaphorical rabbit to ride the bicycle for like 4 hours in total instead of actually following the slogan of the website and thinking outside the box.)
Looking into what all the files in your disposal can do is your friend.
I learned an amazing rshell bypass technique.
That’s all I’ll drop, because I think that I dropped way too much. 
Shoutout to @wirepigeon, @Pazanate (in HTB) and @Hrafnskogr.
Can someone PM me? I’ve got a question re: traversal (pre-user)
@ccma40 said:
Can someone PM me? I’ve got a question re: traversal (pre-user)
Same… I can traverse the file structure by proxying the requests but have no idea how to read anything…
Wrong thread…haha
@Warlord711 said:
@sazouki said:
@TazWake said:
@sazouki said:
m****@10.10.10.87: Permission denied (publickey).any hint how to fix thisHow did you solve this?
wrong user
Its quite obvious if you realize where you downloaded the file
i tried n****y also same error why?
Hi, can someone please help me. I escaped the jail and now I am fully stuck. I believe i have checked file capabilities. But i really don’t know what to do. Please can someone pm me?
@ccma40 said:
Can someone PM me? I’ve got a question re: traversal (pre-user)
Ignore - rooted now. What a ride
