Hint for Sunday

some tips for login

@dshulman said:
some tips for login

As valentinelocke said, make sure to run a full nmap scan. If you know the users and a valid entry point, then you need to make some educated guesses to gain a shell.

@Aabkar said:
any hint for priv esc guys? thanks

Find out what commands you can run… then think about how you can use it to either get a shell escalation or skip the shell escalation entirely

@0d1n said:
any wordlist for root hash? rockyou doesn't seem to work, which 95 percent of the time it does

There’s a known password cracker for that. Takes a while - 15min? But not for root user since that file only has the other users' passwords.

@alquimista said:
@0d1n said:
any wordlist for root hash? rockyou doesn't seem to work, which 95 percent of the time it does

There’s a known password cracker for that. Takes a while - 15min? But not for root user since that file only has the other users' passwords.

You can use that password for root as well by manipulating a file :)

@B0rN2R00T said:

@alquimista said:
@0d1n said:
any wordlist for root hash? rockyou doesn't seem to work, which 95 percent of the time it does

There’s a known password cracker for that. Takes a while - 15min? But not for root user since that file only has the other users' passwords.

You can use that password for root as well by manipulating a file :)

That’s one way, but it's really not needed. I think people doing it that way and screwing up is the reason the box keeps breaking. If you read the manpages there are other ways.

I am on a VIP server and this box is useless, it keeps crashing. Can’t even enumerate. I have a list of users and a list of possible passwords, but I am unable to try them.
Is somebody constantly effing it up or is this some design flaw?

@0verfl00w said:
Is somebody constantly effing it up or is this some design flaw?

Simply people being lazy and using destructive exploits.

@0verfl00w said:
I am on a VIP server and this box is useless, it keeps crashing. Can’t even enumerate. I have a list of users and a list of possible passwords, but I am unable to try them.
Is somebody constantly effing it up or is this some design flaw?

I had the same problems you have, but I think it’s something with the box on VIP servers. I had problems even when there weren't any users connected to the server. I recommend you switch to a free server to enum and solve the box, it’s what I had to do.

there is an exploit but people keep replacing files

this machine is impossible as people are fucking up files…

I modified the exploit to pull the root flag. Mission accomplished here!

Getting the first foothold is really easy, you only need nmap and not much enum, then get a shell, LOL.

I’m curious, can someone PM me about the intended priv esc way? I kinda fucked up important files and needed to reset after I got root!

Does somebody know what this error means:
Exploit failed: Rex::Proto::SunRPC::RPCError 10.10.10.76:111 - SunRPC - XDR decoding failed in sunrpc_create

It looks like the right exploit in msfconsole, but it doesn't work on this box.

Any hint on user.txt? I logged in but don’t have permissions to read it. Also tried cracking the shadow file but no luck.

Use a different approach

@cyc0rpion said:
Any hint on user.txt? I logged in but don’t have permissions to read it. Also tried cracking the shadow file but no luck.

Do not make hard problems for yourself.
Search more and you will find a better option.

No exploit required for this box

if it says troll, it probably means troll.
get creative and don’t waste your time and look everywhere.
Done this morning and root feels sweet