Hint for TartarSauce!

I will say this machine was fun but not fun… It was a roller coaster ride from initial foothold to root.txt to root shell… Great work to the creators of it @3mrgnc3 and thanks to the folks who gave me great hints…

In this box, the first thing is to change the role of admin to Editor, then the other is a piece of cake!

I ? in that I am :slight_smile:

Stuck on getting root, can someone give me a nudge, if needed DM me

@rlfonseca same.

Stuck on getting initial foothold. Found other app, and some things related to it (not posting it here if it’s considered spoiling). Could someone give me a nudge? Any help much appreciated. DM welcome.

I got root flag whithout root shell.
Anybody knows how to get a shell ?

One small hint for the initial foothold from me: Do not always blindly trust your tools! I hate google, but sometimes it’s better to recheck some critical findings:)

As much as I hated this for the time it took, the clock watching element is probably pretty realistic :slight_smile: Good lab to learn, and work fast :+1:

That machine taught me a lot.
Specialy getting a root shell… Awesome.

Getting shell was not too realistic, changing some info to confuse scanners is something clever but strange. Getting root was fun, had a chance to practise python skills.

can someone pm me for initial steps ?

CAn someone PM for final priv esc, so close yet so far

nvm root

Very nice machine. Root was very interesting. Thanks to @wirepigeon for hint

Any hints on initial foot hold for user.txt

I found two web-services the first MONSTER doesnt let me do anything the other one which has WORDS that are PRESSED onto the screen has some funky redirecting going on but i cant login to that service… am i missing something?

why the hell is integrity check not working for me? I manually changed a file in web dir to create a difference but when I run that binary, no comparison is found :frowning:
Difference was detected only once in like 1000 tries and this just doesn’t make any sense. I kept repeating same process, files are different but still it isn’t detecting :confused:
What am I doing wrong here?

nvm got the root flag without shell
This machine reminds me exactly of an OSCP exam machine. Just keep enumerating till end. I am happy that I didn’t stop enumeration during exam.
Priv esc is so much mind f***

Would be grateful if anyone could DM me with a hint on how to proceed (even reference to reading material). I have identified the the 2 apps and I am currently enumerating the no to obvious one. But seems I am not heading anywhere

@smit2300 said:
Rooted! Wow that was a tough priv esc but so cleverly put together! Mad props to the makers even if @3mrgnc3 is an absolute troll lol. PM me if anyone needs a hint at any stage of the box.


1 week out from OSCP retest & would love some privesc pointers, not spoilers
Got O* shell; might understand retartar (grp) but can’t find diff/script talked. found 3 diff files but at a loss…

Hey guys please PM me I need help on this box I’ve been trying to get user for like 2 weeks now