
I have read user.txt, now for root, I am logged in through ssh as user dj********, also logged from msfconsole, found some vulnerable services, tried to use exploits but no luck… Any hint would be appreciated!

This is my first linux box and I’m pretty badly stuck after getting an initial shell. Been reading about basics of privilege escalation in linux but haven’t find anything to grab on even though i’ve done amounts of enumeration. A little nudge would be appreciated.

I’m still in pass first pass, I can’t undestand.

Stuck on user and root. Just found user.txt. Do not know how to proceed. Please PM with any ideas or hints!

I killed the whole evening for the fact that I can’t get the privileges of the root, I found user.txt and b ******* p I don’t know where to go next, give a subskit in PM

Is it common for the exploit to periodically not work on this box? I got shell last night. Took a break from the box and came back and tried to get shell and the exploit didn’t work. Tried again a few hours later and it worked.

EDIT: It seems people are resetting the box which is causing the exploit not to work.

Ah yes, for initial foothold. You need to make sure your nmap scan is correct.

However now I have the shell, no idea where to go. I can see user.txt

Any tips on the next steps are greatly appreciated…

can we find the famous file for priv escalation with a one liner looking for setuid files or it’s only noticeable through enumerating scripts?

Is the root file called “root.txt” ? if not then can I get the name?

@masterrabbit said:
However now I have the shell, no idea where to go. I can see user.txt

Any tips on the next steps are greatly appreciated…

for user, in this post there are lot of hints, especially for the b***** file :wink:

Rooted. Well, It is good to solve some CTF challenges to enhance the out of box thinking. PM for help

Rooted and learned a lot! Googling basic linux enumeration tips helped much.

Can someone PM hint for root, stuck. :angry:

When I found the file and executed it I got root instantly and thought ‘this is strange, it was trivial to get root’.

PLEASE don’t forget to reboot after getting root.

I got a shell, and able look thru the box. But nothing stands out. LOL I know windows, but not Linux. I did find a user with that text, but nothing else stands out. can someone PM some tips?

@BaDRii said:
Can someone PM hint for root, stuck. :angry:

Were you able to get the root?

Rooted ! But still no clue about the stego part for user, can someone light my candle on the subject ? =D

I found the port number for I** but I couldn’t get a shell with using msf any help would be very appreciated (pls)

@mmovlyamov said:

@BaDRii said:
Can someone PM hint for root, stuck. :angry:

Were you able to get the root?

No :angry:
Only shell. Used a lot of options, did not get

i’m on the correct way ?
I found the I** service , i’m trying to exploit it!
I’m trying it with msf and 41****.**