Hint for Waldo

@Frey said:
SUID or not to be SUID? Privesc Hint Hint.

:confused: Kind of lost on this one, didn’t find any suid file on the entire disk, so I guess I’d like to be suid? But I don’t know how somebody would be interested in me :smiley:

@sazouki said:
m****@10.10.10.87: Permission denied (publickey).

any hint how to fix this

How did you solve this?

Same place as you, wondering if this is one of these nuggets you need to know. Still very possible I missed something though…

@kudrom said:

@Frey said:
SUID or not to be SUID? Privesc Hint Hint.

:confused: Kind of lost on this one, didn’t find any suid file on the entire disk, so I guess I’d like to be suid? But I don’t know how somebody would be interested in me :smiley:

Nvm

I just ended up scripting a filesystem downloader. FML. Local enumeration took 5 seconds then. Now starting on root.

Can't work on the machine @eu-vip-19, it seems that some idiot is hammering the webserver. Have to wait 5 minutes for one request.

Rooted…Not sure I liked the priv esc though, but did learn a few things on the way about capabilities of linux. This box required some research :slight_smile:

Any non substantial hints?

@TazWake said:
@sazouki said:
m****@10.10.10.87: Permission denied (publickey).

  any hint how to fix this

How did you solve this?

wrong user

@sazouki said:

@TazWake said:
@sazouki said:
m****@10.10.10.87: Permission denied (publickey).

  any hint how to fix this

How did you solve this?

wrong user

It's quite obvious if you realize where you downloaded the file :wink:

to get user use this site, will make it easy

@sazouki said:

wrong user

Ah - ok.

@Warlord711 said:
It's quite obvious if you realize where you downloaded the file :wink:

Urgh… thanks.

Spoiler Removed - Arrexel

@waspy said:
to get user use this site, will make it easy
Online tool to format private key.

Also try using the same php functions which encoded the content, to decode the content. Use a php interactive shell to decode the content and print to screen

Finally got root on this box. I did learn a bunch about some enumeration techniques for priv esc. Def added a few new tricks to my toolbox. My advice is to follow OWASP techniques, realize that sysadmins are dumb, jail sucks, and also get to know Linux permissions well.

:smile:

Stuck on privesc. I understand I need to “escape”, but I can’t see how. Can I PM somebody?

@elio said:
Stuck on privesc. I understand I need to “escape”, but I can’t see how. Can I PM somebody?

Think what you’ve got, and what you want to do. After a quick “Googling” you’ll find your Graal :slight_smile:

I escaped but am still stuck, maybe I need to do something with logmo**** :wink: