Yup yup. Just wanted to make it know. I reset the box multiple times. Stopped it and started it. just coudlnt get it change.
If I found a file that contains some lines of strings that look to contain some of the same parts (encrypted strings), should I try to investigate these or am I going down a rabbit hole?
Just rooted. Pretty fun box, and well rated for its difficulty. Learned something new about certain transport mechanisms. Major props to @ChefByzen for making this one.
Hints:
foothold: basic web enumeration and google, you donāt need to fuzz the webpage or brute force a log in
user1: search around and remember you may not be able to read things as they are
user2: sometimes sharing things at home can be dangerous
root: enumeration and google is all I can really say. You can find something close by which can point you in the direction you need to go
My pms are open if anyone needs a nudge, but Im not sure how often Ill be able to check
When I have the recipe to create a file as r***, how do I use it to go forward? My mind is completely stuck hereā¦
Never mind. Rooted
whoami && id && hostname
root
uid=0(root) gid=0(root) groups=0(root)
passage
Rooted! Great and nice box! Thanks @ChefByzen
From a technical point of view, I think this box is really good and @ChefByzen did a great job here.
However, for me the root part seems like you either find it yourself or you donāt. I think itās hard to miss and I would not have made it without a hint.
Some nudges here are really helpful: I would add that you do not need to dive very deep into the place where you are supposed to stay according to the nudges.
Itās more of a subtle thing you will find which leads you to root (most probably) after you google it.
I think there is no shame in asking for a hint here.
I canāt get root
, looks like something is wrong.
@mehulsharky007 said:
I canāt get
root
, looks like something is wrong.
I mean to say that there is no b c**** s****** running.
Interesting box, user is rather easy, and most hints here are on the ball, so I have nothing new to share.
I donāt have anything to share about the first PE, other than it took me down memory lane. I actually have seen that in a real life engagement. So, it did bring me a smile.
Now, root was a beast for me and it took me quite a few hours.
From the comments here, thereās a way to get it that I have no idea what it was. I did take public transport to get root, but I am guessing it was a different route, using a bit of Imagenation to create a way out, so Iād like to learn more about what others used.
Apparently my Google-fu (or Duck-Duck-Go-Fu) is not that strong, because I doubt I found the right article.
Rooted, however this was a strange bus ride, enjoyable though!
Yayyyy, Got root
94.53% towards Hacker
My shell gets aborted shortly after i set it up anyone else with the same issue? any fix? is it related to the fail2ban comment? Site becomes unresponsive from time to time
EDIT: Pretty sure it the F2B thing. Not sure why it is triggering as Iām not bruteforcing, just setting up a reverse shell. It get aborted within 5 minutes and I have to restart everything, which makes enumerating a great pain in the ā ā ā . Any clue to bypass it?
Rooted, but only thanks to the āpublic transportā hints here pointing me in the right directionā¦
For those who didnāt need the hint, Iād be grateful to understand how did you know to look at the vulnerable āthingāā¦? (I mean, I saw it in my enumeration output, but wouldnāt have thought āaha!ā without the hintsā¦)
Have someone here got root without use U** C*****?
(without ātaking the busā?..lol)
Rooted - big thanks to @ChefByzen for this box.
I donāt want to give a spoiler - one of the common enumeration tools is supposed to detect an issue with this machine, but thereās a bug and the test didnāt work properly. Iāve raised an issue and submitted a PR to get this fixed which should make life easier for folks if it gets accepted.
If you like to use popular enum scripts, now would be a good time to make sure youāre using the latest versions.
Type your comment> @OmegaGator said:
A little confused here, got foothold and now www shell. I have found the hash for the 2 users and got the a1 password for p. Iām stuck at this point, not too sure how to proceed. I know p needs a publickey for ssh based on ssh failed results and config file.
hints sent to you by DM.
Do you need the php functions for user 1?
add me on discord for collabs
username : devesh2003#0982
Found this one fairly straight forward. The tool I used for initial shell gave me user aswell. And despite what others have said i found the path to root with linpeas. User 2 was the most annoying. Give me a shout if you need help.