Type your comment> @ali1903 said:
the s*****.py file is it in An-U****s .
Yes, it is. Well, it should be if it isn’t
we can’t write this file how can we use this
we just have 3 options
@coryshawty said:
Type your comment> @ali1903 said:the s*****.py file is it in An-U****s .
Yes, it is. Well, it should be if it isn’t
we can’t write this file how can we use this
we just have 3 options
@ali1903 said:
@coryshawty said:
Type your comment> @ali1903 said:the s*****.py file is it in An-U****s .
Yes, it is. Well, it should be if it isn’t
we can’t write this file how can we use this
we just have 3 options
You can exploit it without writing to it. Try to read through the code itself of the file
Type your comment> @coryshawty said:
@ali1903 said:
@coryshawty said:
Type your comment> @ali1903 said:the s*****.py file is it in An-U****s .
Yes, it is. Well, it should be if it isn’t
we can’t write this file how can we use this
we just have 3 optionsYou can exploit it without writing to it. Try to read through the code itself of the file
we must to do pri esc with this python file or we must just try reading user.txt ?
I’ve got access to the user account. I’d love a nudge on how to use the s*******l that’s been referenced earlier.
Rooted! What a fun box! Thank you to the peeps who helped a n00bie like me. PM if you need help!
rooted && nice and easy box
Type your comment> @cwgrimey said:
I’ve got access to the user account. I’d love a nudge on how to use the s*******l that’s been referenced earlier.
can u give me link to help me
Are people getting “Temporary failure in name resolution”?
Type your comment> @t00rmund said:
Just owned user! Thank you to @trollzorftw for the nudge. Quick tips:
- who you run something as is just as important as what you run
- google is your friend on finding ways to escape forbidden characters. Spend enough time and get that money!
Couldn’t have done user without this. Thank you so much.
Just got root, but I’m not sure if I used someone else’s symlink on the public server? Not sure if it was suppose to be there or not the modified dates where all old. Could someone plz explain or PM me. Not sure if I did it correctly. 
i have user if someone need help for : pm me
for root what do you use ?
rooted thanks for all
PM if U need help
Nice box, getting user is quite fiddly - shells within shells. Also still not quite sure what causes the 90 second ban to trigger seemed a bit hit and miss. Root is relatively straightforward but still learned something about the process that was used.
Feel free to PM for nudges.
What a box. I got really stuck on the initial foothold because I wasn’t ready to redo every step a second time - turns out I already tried the correct thing early on but it somehow didn’t work.
From www-data to root took me 4 reverse shells, so that was interesting.
I personally learned the most from coding it all into a python script to automate getting to user. From there to root you can have a nice shell at least.
I should also pay more attention to the little things in enumeration for privesc, sometimes it’s only one line that makes all the difference even if it’s not even highlighted.
If you need a nudge, feel free to PM me 
Thanks to @saminskip and @CRYPT0HEX for the help on getting in!!
Type your comment> @S7uXN37 said:
What a box. I got really stuck on the initial foothold because I wasn’t ready to redo every step a second time - turns out I already tried the correct thing early on but it somehow didn’t work.
From www-data to root took me 4 reverse shells, so that was interesting.I personally learned the most from coding it all into a python script to automate getting to user. From there to root you can have a nice shell at least.
I should also pay more attention to the little things in enumeration for privesc, sometimes it’s only one line that makes all the difference even if it’s not even highlighted.
If you need a nudge, feel free to PM me
Thanks to @saminskip and @CRYPT0HEX for the help on getting in!!
No problem <3
Any help on user? I’ve looked up infoblox rmi and can execute commands through the script but they run as w**-d** instead of p****** as i’m executing the script …I’m missing something simple here?
Can I please get a hint for root. I have enumerated but don’t know what to look for.