To be honest , I’m mainly here for the learning experience and look for real life world challenges. I find that boxes that try to be entertaining and be more of a puzzle / Easter egg hunt frustrate me . I appreciate the creator’s efforts but just putting in my 2 cents .
So far, all the steps were completely CTF-Like.
Tip for everyone: Give up trying to find a “realistic” way to go. There is not. lol
The machine is very CTF…
I would prefer machines that actually test our pen-testing abilities…
rooted.
This machine just got my dislike.
The initial entry is CTF like.
The actual www-data & user is nice and the bypass is also nice.
The root was stupid for obvious reasons.
I can’t found the credentials, is too obvious ? because i am reading all things line per line but i don’t see anything yet.
I’m stuck trying to force a round object into a cube shaped one I think. lol. still can’t log in :lol:
I can’t found the credentials, is too obvious ? because i am reading all things line per line > but i don’t see anything yet.
Its way, way too obvious. Just make sure you are looking for the right credentials
@FlameOfIgnis said:
I can’t found the credentials, is too obvious ? because i am reading all things line per line > but i don’t see anything yet.
Its way, way too obvious. Just make sure you are looking for the right credentials
Thanks for your answer, i will be patient with this xD
Need a hand with the decoding of file. pm pls if anyone can help
Nope… not finding these elusive creds.
Currently trying to decode, if anyone is willing please PM me for a hint
guys I got the creds alrdy . and now Im trying to get webmail server.
any hint would much appreciated!
Edit: Spoiler :D, Sorry guys
I’m stuck. Found w****n and creds but don’t know what to do. Please PM.
@ferreirasc said:
Hints for privesc? I’m looking for juicy information inside .mo*****…Am I in the right path?
something strange happened , i got user flag and submitted it but in progress bar no changes happened. it was zero before the flag and zero after the flag. can someone explain this to me??
Rooted
Root
For me it was not so obvious or logical to get root, in fact it was something weird but in the end it makes some sense.
Clue: It seems that the user left unprotected things out there, it’s a kind of time travel with the f*x
It should be enough, but just in case, the root is focused on W*****
Rooted.
I do not know what to think of this box.
Several foolish steps and other interesting …
Thx guys for the directions.
Tip for privesc: The path to root is in front of you. Focus on the files that your user owns. Remember well all the passwords obtained throughout the process. They can be important in several steps.
If there is any spoiler here… feel free to edit my post
can anyone PM with links that helps in understanding how to decrypt the file ??
I’m stuck. Found w****n and creds but don’t know what to do. Please PM.