Admirer

■■■■ please someone give me a nudge, I have a lot of creds and nowhere to use it

@wazKoo said:

> hmm a****_****s.**p appears to be rabbit hole

totally rabbit hole :slight_smile:

So no one’s gonna talk about The Big Bang Theory references?

This box is making me feel real dumb…ranked ‘easy’ and I can’t even see what’s in the ‘forbidden’ directory lol. Any nudge would be extremely appreciated.

Time to master Dirbuster?

Need a little nudge please, it will be appreciated.

Rooted

Very nice box with various techniques

Pm me when you need a little nudge

Looks OK, got user. Going for root now so let me know if you’re stuck in your preliminary phase.

Any hints for foothold? I get stuck, I tried to use dirbuster, basically except the in**x.p and those javsct, everything I found is just 403. And other protocols don’t look like having any use in the foothold.

If you do nikto/nmap you would’ve noticed an interesting file you can read to start your scavenger hunt.

initial foothold reminds me a whole lot of the lessons some of us learned in @VbScrub's nest, just because you can’t go into something doesn’t mean you can’t enumerate it

much respect to the author.

I found a file ro*.t in both np and nto scan, it seems interesting, it shows an interesting folder which gives 403 and a w*** name which looks like a user. Is this the correct path? Or am I in a rabbit hole?

Okay, dirb, dirbuster, wfuzz, gobuster, everything times out frequently. Think that the a****-d** is the way to go but can’t use any tools to enumerate it! Any help would be appreciated.

Anyone got any hints for privilege escalation to root here? Feel like I’m so close to beating this box now…

@thomsd said:

> Anyone got any hints for privilege escalation to root here? Feel like I’m so close to beating this box now…

same

I’m unable to find login page lol
Enumerated secret dir with different programs but nothing showing up…
Only got the two text files with creds and found some interesting things in the ftp service

Feel like I’m missing something very stupid
If someone can PM for a hint

```
root@admirer:~# ifconfig | fgrep 10. | awk '{print $2}'&&whoami
10.10.10.187
root
```

user: fuzz, and fuzz, and again fuzz, sometimes a letter in a word could make the difference
root: use some privileged command to do what you want

calipendula
for nudges ONLY on discord calipendula#1089
please don’t ask solutions but little hints


When dirb and gobuster stop working, ffuf comes to the rescue.

Rooted! I really enjoyed this box. Found a lot of rabbit holes but was reminded by the ‘easy’ level of this box that I was thinking way too complex with t*****s etc. Thank you @calipendula for helping me with the optional ‘flag’ I was missing.