nevermind, I got root
Wow. Nvm - When you finally ask for help after struggeling for 6-7 hours THEN i solve it!
Ay ay ay, the first stage of this is so easy and the second is so stinkin’ hard.
Yes, did enumeration, yes, found that directory, tested scripts, wrote scripts, no can’t get permissions on the stinkin’ root.txt. Arrrrgh. imag1ne, are you still available?
Hate to be a pest but after four days my wife is getting pissed.
Yeah, same position. I think it’s a case of finding the right place to run a script from. I have a reverse shell but I’m not even sure i need it
I don’t think you do. I think it’s something baffling and simple, but I’m still baffled.
Been banging my head on this box all day trying to get root. I have a reverse_shell thru meterpreter but I can’t figure out how to escalate my priv so I can read root.txt. Feel like I am close but I can’t break thru. Any nudge in the right direction would be greatly appreciated. PM if possible.
PM incoming.
i’m stuck too in this point… i’ve script’s privilege, but
send me a message too
I can not properly run the script to get the root.txt file and I can not even write to a root file (test.txt) because I do not have permissions, but how do I get out of it? I think the trick is just in the script but I do not know how to modify it or bypass the permissions
Hi I need to some help with priv escelation I am not seeing what you referring to with regards to the file sticking out / out of bounds
Bashed is not very hard. You have to get pty reverse shell. LinEnum script is very useful. If you did nebular lab before, this Bashed box is not very hard for you 
I got root editing an existing exploit… Maybe there are multiple ways to accomplish that
@rmx said:
I got root editing an existing exploit… Maybe there are multiple ways to accomplish that
sounds cool. You must be professional at exploitation. I owned system by enumerating and exploiting “system weakness”, it is very easy 
i’ve been banging my head agains my keyboard for days. i can see the two files, one of which is locked by root, and one that is designed to open and write to that file. some research shows that I can potentially put a script in a folder that is automatically run as root, but I think thats a rabbit hole. any one available to pm for a gentle push in the right direction?
@patticakes said:
i’ve been banging my head agains my keyboard for days. i can see the two files, one of which is locked by root, and one that is designed to open and write to that file. some research shows that I can potentially put a script in a folder that is automatically run as root, but I think thats a rabbit hole. any one available to pm for a gentle push in the right direction?
Have you tried it yet?
@antione09 said:
@patticakes said:
i’ve been banging my head agains my keyboard for days. i can see the two files, one of which is locked by root, and one that is designed to open and write to that file. some research shows that I can potentially put a script in a folder that is automatically run as root, but I think thats a rabbit hole. any one available to pm for a gentle push in the right direction?Have you tried it yet?
I don’t know how…
@patticakes said:
@antione09 said:
@patticakes said:
i’ve been banging my head agains my keyboard for days. i can see the two files, one of which is locked by root, and one that is designed to open and write to that file. some research shows that I can potentially put a script in a folder that is automatically run as root, but I think thats a rabbit hole. any one available to pm for a gentle push in the right direction?Have you tried it yet?
I don’t know how…
You dont know how to put a script in that directory? You should google how to transfer files to the remote machine. I like to use wget
I think I put the script in the right directory and now I am waiting for it to run. How long does this take? Can I PM someone to verify I am doing to correctly?
Yeah this one has me hitting a wall as well. Ive manage to get ScriptsMgrs privs but I cant seem to get what I need. If anyone has any tips for privesc on this and can give me a nudge please PM me.
I was able to get the LinEnum.sh into the system using wget, But i am not able to execute or move it to another directory what do i do.
wow… i’m totally lost with the root flag. I did well with the user. But I’m struggling with the root. I tried several scripts trying to get priv_sca but it did not work at all. I ran off ideas so If someone could give me a clue or something that puts me on the road once again…!!!