> It's the same. If you can find the user, the pass is near from that. And if you can reveal the user, i think you can reveal pass too. I hope I'm not spoling this.
Aw…I’ve just found another string that was similar to pass. Now I found it, and on the way to root.
I know I can talk to the stretchysearch using c***. I’ve enumerated all the indices. I’ve translated all the text and read everything in detail, as I know the needle in the haystack is key…
I’m totally lost now, I’ve tried a few different scripts to help enumerate/dump the entire DB, but can’t get them to work. Could do with some pointers here anyone, please
I’m on the box trying to priv esc to K. Super stuck here, could someone give me a nudge please? I read something about an LFI, but is this the only way?
Got user… but for root, i am trying to use the L**-vulnerabiility. When I use it the server only “chews”. No mattr if i include a reverse shell or a textfile. Isn’t this the severity we are supposed to use?
Phew, finally rooted. Don’t over think the privesc like I did. Look at what you have, consult the documentation to understand what’s going on, google around for some good resources, and then use a debugger to your advantage. PM me if you’re stuck and need a nudge in the right direction. Special thanks to @thegoatreich for the assist.
Just got root, as @nergalwaja says, don’t overthink it. Just connect the dots.
Special thanks to everybody who gave me a nudge in the right direction. Looking to pay it forward, PM me if stuck or in need of hints. Good luck.
jeez, i’m getting a raw patch on my head from scratching it so hard. user was…meh. nice puzzle but i prefer more “real world” boxes. i know what i need to do after getting user, it’s just i can’t figure out how. i know what to upload and was looking into a specific CVE but i can’t figure out how to execute it. looking through the documentation (which is pretty bad in my opinion, just my 2 cents) didn’t get me any further, can anyone point me in the right direction on what to read up on? i’m stuck
rooted. Learned a lot about l****h , especially gk.
All hints have been already mentioned. If I have to add something about priv esc, don’t forget that \s means SPACE.